Users Management

Creating a User

To create a new user in SyncNow, follow these steps:

Navigate to the Users Page
- From the main menu, select the "Users" option to access the user management interface.

Press the Add User Button
- Click on the "Add User" button to initiate the process of creating a new user.
Input Required Information
- Fill in the necessary details about the new user, including:
  - Username: A unique identifier for the user.
  - Email Address: The user's email for communication and password recovery.
  - First Name and Last Name: The user's personal details.
  - Role: Assign a role to the user, which determines their access level and permissions within the application.
- Ensure all mandatory fields are completed before proceeding. A new user has been created.

Adding User

Create the User
- Once all required information is provided, click the "Save" button to create the new user account. The user will now appear in the users list.

Resetting a User Password

Only SyncNow Admins have the authority to reset a user's password. To reset a password, follow these steps:

Navigate to the Users Page
- Access the "Users" section from the main menu.
Press the Reset Password Button
- Locate the user whose password needs resetting and click the "Reset Password" button next to their name.
Fill Out the Reset Password Form
- In the dialog that appears, input the necessary information to reset the user's password. This typically includes:
  - New Password: Enter a strong, secure password.
  - Confirm New Password: Re-enter the password to confirm it.
- Click "Submit" to finalize the password reset.

Account Lockout

SyncNow employs an account lockout mechanism to protect against unauthorized access through repeated failed login attempts. Here's how it works:

Lockout Trigger
- After a specified number of failed sign-in attempts, a non-administrator user's account will be locked permanently to prevent further attempts.
Unlocking a User Account
- Users with the Configuration Editor privilege can unlock a locked account. To do this:
  - Navigate to the "Users" page.
  - Press the "Unlock User" button next to the locked user's account.
  - Confirm the action to unlock the account.
Administrator Account Lockout
- If an administrator account gets locked, it will be unlocked automatically after a specified duration. This duration can be set in the Service Settings.

Lockout Settings

An important aspect of SyncNow's security is configuring the account lockout settings to balance security and usability. Here's how to manage these settings:

Set the Number of Allowed Failed Sign-In Attempts
- Users with the Configuration Editor privilege can define the maximum number of sequential failed sign-in attempts before an account is locked:
  - Go to the "Service Settings" page.
  - Set the desired number of allowed failed attempts.
  - Save the settings to apply the changes.

Set Time Duration for Administrator Account Lockout
- To define the lockout duration for administrator accounts:
  - Go to the "Service Settings" page.
  - Enter the desired lockout duration.
  - Save the settings to apply the changes.

Adding a Group to a User

To manage user permissions effectively, you can assign users to specific groups. Follow these steps to add a user to a group:

Navigate to the Users Page
- Access the user management interface by selecting "Users" from the main menu.
Press the Edit Button
- Find the user you want to modify and click the "Edit" button next to their name.
Select Groups
- In the user details form, select the groups you wish to add the user to from the available list. Groups determine the permissions and access levels for the user.
Save Changes
- After selecting the appropriate groups, press the "Save" button to update the user's group memberships.

By following these procedures, administrators can effectively manage users and maintain a secure environment within SyncNow.

User API Tokens

Introduction

Enhanced Security: SyncNow now supports user-initiated API tokens for secure authentication of systems webhooks and interactions with SyncNow.
User-Specific Tokens: Each token is tied to a specific user, ensuring precise control over access and permissions.

Creating a User API Token

Navigation: To create an API token, navigate to the User Management section in SyncNow.
Token Generation: Select the user for whom the token is to be created and generate a new API token.
Secure Storage: Ensure that the token is securely stored, as it will be used for authenticating requests to SyncNow.

Usage of API Tokens

Webhook Authentication: Systems webhooks can use the generated API token to authenticate their requests to SyncNow, enhancing the security and reliability of webhook communications.
Generic Connector Integration: The API token can also be utilized by the generic connector to report through the SyncNow DevOps Gate endpoint, facilitating seamless and secure data synchronization.

Benefits of User API Tokens

Improved Security: By using user-specific tokens, SyncNow ensures that only authorized requests are processed, reducing the risk of unauthorized access.
Enhanced Control: Administrators can manage and revoke tokens as needed, providing granular control over who can access and interact with SyncNow.
Simplified Integration: The use of API tokens simplifies the integration process for systems and connectors, making it easier to authenticate and communicate with SyncNow.

Example: Creating and Using an API Token

Create Token:
- Navigate to the User Management section.
- Select the user and generate a new API token.
- Copy and securely store the token.
Authenticate Webhook:
- Use the API token in the authorization header of the webhook request to SyncNow.
- Example:
```
Authorization: Bearer YOUR_API_TOKEN
```
Integrate with Generic Connector:
- Configure the generic connector to use the API token when reporting to the SyncNow DevOps Gate endpoint.
- This ensures secure and authenticated data reporting and synchronization.