Skip to main content

User Management

The Administration console allows you to manage Users within your Airia application under settings to Add, Edit, or Delete the users created in the platform or by integrating with your identity provider for SSO and user & group provisioning.

Airia supports setting up SSO for your organization using OpenID Connect (OIDC) and provisioning users & groups using SCIM 2.0.

We have a short tutorial on how to manage user to get you started.

Thumbnail

To Add a New User:

  1. Scroll down on the left side navigation bar.
  2. Select “Settings”
  3. Select “Users”
  4. Select “Create User”
  5. Add the:
  • First Name
  • Last Name
  • Email
  1. Of the user you would like to create and select “Create”

To Delete a User:

  1. Scroll down on the left side navigation bar.
  2. Select “Settings”
  3. Select “Users”
  4. Select the “...” menu next to the user you would like to delete
  5. Select “Delete User”

To Edit a User:

  1. Scroll down on the left side navigation bar.
  2. Select “Settings”
  3. Select “Users”
  4. Select the “...” menu next to the user you would like to edit
  5. Select “Edit User”

To configure SSO:

Configuring SSO

To set up Single Sign-On (SSO) for your organization:

  1. Navigate to SSO Settings:
    • Scroll down the left-side navigation bar.
    • Select Settings > SSO.
  2. Enter Your Identity Provider (IDP) Details:
    • Provide a friendly display name for your identity provider.
    • Create an OIDC app registration in your IDP eg. EntraID, Okta, Ping
    • Copy the redirect URI generated into your identity provider settings.
    • Enter the OIDC discovery endpoint in Airia to populate the URI.
    • Input your Client ID and Client Secret.
    • Specify the domains that should redirect to your IDP for authentication.
  3. Manage Access:
    • Set the default role appropriately to ensure Just-In-Time (JIT) created users have the appropriate permissions.
      • Control user access to the Airia platform via your OIDC application settings in your identity provider to ensure that only approved users or groups can authenticate.

Note: For Microsoft Entra integration, only OIDC v2 is supported.

To provision users and groups from an identity provider:

Configuring user & group provisioning

To configure user and group provisioning for your organization:

  1. Configure and test your SSO Settings as a prerequisite to SCIM 2.0 based provisioning.
  2. Enable user and group provisioning in your enterprise application in your IDP.
  3. Copy the SCIM API endpoint and the secret token from your Airia tenant to the enterprise application in your IDP
  4. Add the following required attributes to your users and groups
    • Users
      • Navigate to the User attribute mapping
      • Add a custom attribute "Enterprise" of type string mapped to a static value for your enterprise name.
      • The enterprise name associated with your Airia tenant can be found by navigating to your profile in the top right. This name corresponds to the value in the Workspace field above the logout button.
    • Groups
      • Navigate to Group attribute mappings and edit the group's display name and change it to expression appending the domain name.
      • Add a custom attribute for 'IdentityGroupName' and map it to the group's displayName appended with the domain.
  5. Navigate to back to the enterprise application's provisioning settings and configure whether you want to push all users and groups or specific users and groups on demand.

Note: IDP provisioned Users and groups are managed in your IDP. The users and groups list view will reflect the source of the users and groups as 'IDP' to indicate they are not locally created in the Airia platform