Managing users

If you have an owner or admin role for the Next-Gen WAF control panel, you can manage the users in your corp (also known as account).

Managing users as an owner

Owners can view and manage all users on the corp (account) by going to the Corp Manage menu and selecting Corp Users. This page lists all the users in the corp (account), along with their roles, site memberships (also known as workspace memberships), and whether they have 2FA enabled, as well as the list of pending user invitations.

Inviting users

To invite a new user so they can be added to your corp (account), complete the following steps:

1. Log in to the Next-Gen WAF control panel.
2. From the corp navigation bar, click the Corp Manage menu and then select Corp Users.
3. Click Add corp user.
4. In the Email field, enter the user's email address.
5. In the Role section, select which role the user should have.
6. In the Site memberships section, select which sites (workspaces) the user should be a member of. A user must belong to at least one site.
7. Click Invite user.

When the user is invited, they’ll receive an email to register an account. They must click the Accept invite button at which point they’ll be prompted to set their account password. After creating their account, they will then have access to all the sites they’re a member of. The invitation is valid for 3 days. If the invitation is expired, resend the invite by clicking the pending user’s row and clicking the Resend Invite button from the User Edit page.

Editing user details

To edit a user's email address, their roles in your corp (account), or their site memberships, complete the following steps:

1. Log in to the Next-Gen WAF control panel.
2. From the corp navigation bar, click the Corp Manage menu and then select Corp Users.
3. In the list of users, click on the user.
4. Edit the Email address field as necessary.
5. Click Edit corp user.
6. Edit the Role and Site memberships sections as needed.
7. Click Update user.

Deleting users from your corp (account)

To delete a user from your corp (account), complete the following steps:

1. Log in to the Next-Gen WAF control panel.
2. From the corp navigation bar, click the Corp Manage menu and then select Corp Users.
3. In the list of users, click on the user.
4. Click Remove corp user.
5. Click Delete corp user.

Other user management tasks as an owner

In addition to managing users and their basic membership settings, you can also manage the following settings at the user level:

• Enabling single sign-on. Check out our guide to setting up single sign-on for more information on enabling single sign-on via SAML 2.0 and Google Apps.
• Bypassing SSO for specific users. If your corp (account) has single sign-on enabled, an Owner user can set a user to bypass SSO, allowing them to log in to the Next-Gen WAF control panel via username and password without needing to authenticate through your SSO provider.
• Granting and restricting user permissions for API access tokens. Check out our guide on using our Next-Gen WAF API for information about personal API access tokens and granting or restricting user permissions for them.
• Managing two-factor authentication (2FA). Check out our guide to enabling and disabling 2FA for the Next-Gen WAF control panel.

Managing users as an admin

Admins have limited user management abilities for any sites (workspaces) they are a member of.

Inviting new users to a site (workspace)

To invite new users to a site (workspace), complete the following steps:

1. Log in to the Next-Gen WAF control panel.
2. From the Sites menu, select a site if you have more than one site.
3. From the Manage menu, select Site Settings.
4. Click Users.
5. From the Manage site users menu, select Invite new user.
6. In the Email field, enter the user's email address.
7. In the Role section, select which role the user should have.
8. Click Invite site user.

When the user is invited, they’ll receive an email to register an account. They must click Accept invite at which point they’ll be prompted to set their account password. After creating their account, they will then have access to all the sites (workspaces) they’re a member of. The invitation is valid for 3 days. If the invitation is expired, resend the invite by clicking the pending user’s row and clicking Resend Invite from the User Edit page.

Assigning existing users to a site (workspace)

To assign existing users to a site (workspace), complete the following steps:

1. Log in to the Next-Gen WAF control panel.
2. From the Sites menu, select a site if you have more than one site.
3. From the Manage menu, select Site Settings.
4. Click Users.
5. From the Manage site users menu, select Assign existing users.
6. From the menu, select a user to add to the site.
7. Click Assign to site.

Removing users from a site (workspace)

To remove users from a site, complete the following steps:

1. Log in to the Next-Gen WAF control panel.
2. From the Sites menu, select a site if you have more than one site.
3. From the Manage menu, select Site Settings.
4. Click Users.
5. In the list of users, click on the user.
6. Click Remove site user.
7. Click Remove user.

All users must belong to at least one site (workspace). If this is the only site (workspace) the user is a member of, you will not be able to remove the user. Instead, an Owner user will need to delete them from the corp (account).

Configuring account session timeouts

To set a custom timeout duration for your corp (account) in the Signal Sciences control panel, follow these steps:

1. Log in to the Next-Gen WAF control panel.
2. From the Corp Manage menu, select User Authentication.
3. Under Account Timeout, click on a pre-set duration or click Custom to specify a custom duration. If selecting Custom, enter the custom duration in the Days, Hours, Minutes, and Seconds fields.
4. Click Update Timeout to save the new timeout duration.