User Management¶
Omnistrate provides you with comprehensive user management capabilities designed to simplify and automate user administration for your SaaS Product. You can gain complete visibility into all users across your platform, including detailed information on their subscriptions, roles, and activity, ensuring full control over your SaaS Product's user base.
What is a User?¶
A user is an individual account holder who has access to your SaaS platform through one or more subscriptions. Users can be either external customers who subscribe to and use your SaaS Product, or internal customers from your organization. Users represent the actual people who interact with your SaaS Products, create instances, and consume resources within the boundaries defined by their subscription plans.
Each user represents:
- Email Address: A unique email address that identifies the user
- Organization: An organization that the users belong to
- Access Rights: Permissions to access specific features and resources based on their subscriptions and user type
- Role Assignments: Defined roles within each subscription that determine their level of access and capabilities
How Users Sign Up¶
The user sign up process is built into the Customer Portal and designed to be seamless and secure for your customers
Note
If Customer Portal is not used, Users can be registered created using API.
Users and Subscriptions¶
Users access your SaaS Product by creating subscriptions to the plans you've defined. This relationship is fundamental to how your platform operates and how customers consume your services.
To learn more about managing subscription see the Subscription Management documentation.
User Management Operations¶
Once users have signed up and are actively using your SaaS Product, you will need to manage those users and perform various operations as required.
Omnistrate enables the following user management operations:
User Suspension¶
Users can be temporarily suspended in various situations, such as when policy violations occur, billing issues arise, or security concerns are identified. Suspending a user:
- Temporarily blocks their access to the platform
- Preserves their account data and subscription information
- Prevents them from creating new instances or accessing existing ones
- Maintains their subscription relationships for potential reactivation
This provides flexibility for addressing temporary issues while preserving the user's investment in your platform.
User Reactivation¶
Suspended users can be reactivated seamlessly, restoring full access to their subscriptions and services. Reactivation:
- Restores complete platform access
- Allows users to resume their previous activities
- Maintains continuity of their subscription and instance data
- Ensures a smooth experience when issues are resolved
This ensures users can quickly return to productivity once any concerns have been addressed.
User Verification¶
User verification allows you to confirm the authenticity and legitimacy of user accounts. This is useful in the case where you look to validate users email with a different mechanism that the out of the box emails sent by the Customer Portal.
User Export¶
The user export functionality allows you to extract comprehensive user data for reporting purposes.
User Deletion¶
Users can be permanently deleted when necessary. Omnistrate supports both SaaS Provider-initiated deletion and customer self-service account deletion to help you meet regulatory requirements such as GDPR.
SaaS Provider-initiated deletion¶
As a SaaS Provider, you can delete users from the Operations Console or via API. This operation is typically used for:
- Removing inactive or abandoned accounts
- Cleaning up test or duplicate accounts
- Enforcing terms of service violations
To delete a user from the Operations Console:
- Navigate to Tenant Management > User Management.
- Locate the user you want to delete.
- Click Delete on the user record.
- Confirm the deletion.
Self-service account deletion (GDPR compliance)¶
Omnistrate supports self-service account deletion, allowing your customers to delete their own accounts directly from the Customer Portal. This capability helps you comply with data protection regulations such as the GDPR "right to erasure" (Article 17).
When a customer initiates account deletion through the Customer Portal:
- The customer navigates to their account settings in the Customer Portal.
- The customer selects the option to delete their account.
- The system verifies that the customer has no active deployment instances. If active instances exist, the customer must delete them before proceeding.
- Upon confirmation, the user's personal information, subscriptions, and access rights are permanently removed.
Warning
User deletion is permanent and irreversible. All associated personal information is permanently removed from the system. Ensure you have communicated this to your customers before enabling self-service deletion.
What gets deleted¶
When a user account is deleted, the following data is permanently removed:
| Data type | Description |
|---|---|
| User profile | Email, name, and all personal information |
| Subscriptions | All subscription records associated with the user |
| Access rights | All role assignments and permissions |
| Organization membership | Membership in any organizations |
Note
Active deployment instances are not automatically deleted when a user account is removed. Instances must be deleted before the user account can be removed. This prevents accidental data loss for shared resources.
Enabling self-service deletion in the Customer Portal¶
Self-service account deletion is available by default in the Customer Portal. Customers can access this option from their account settings. If you use a custom-built portal, you can implement account deletion using the Omnistrate API.