If you're not using External Login Providers aka Single Sign-In (SSO) Providers (GDrive, Azure / Microsoft Graph, etc..) to handle the creation of User accounts* then Curiosity supports this.
* (or even if you are using external providers but you want to add additional User accounts aside from those imported from the external organizations)
Not all User accounts require full access to everything in the system. As an Admin User of Curiosity, you can control what other Users do and do not have access to. This may be configured at the "task level" (eg. a User Can Manage Notifications or a User Cannot Manage Notifications) and it may be done at the individual node level (which will be described in a separate article - see Specifying node level permissions for particular Users or Teams). It's also possible to configure node level permissions by assigning Users to a Team and then setting the permissions for the Team, but this is described in a separate Teams article.
Conversely, this need not be about creating User accounts with fewer permissions, you may wish to grant additional privileges to a User account that was created within Curiosity via an external provider SSO login.
To get started, click on the Curiosity menu button and then Settings and then Accounts. This will display a list of the current Users and allow you to make changes, such as:
- editing existing User accounts
- deleting existing accounts
- creating new ones
To edit the task level access rights of an existing User, click on their name.
To give them full administrative privileges, click only the top role to change it from "Normal User" to "System Administrator (has all roles below)" -
(Note that only an Admin User can give another User full administrative privileges - even Users that have the "Can Manage Users" role can not give any User account more access to the system than their own account has)
Alternatively, specify permissions in a more granular fashion -
Click Save User to close the popup and save any permissions changes made or click the X close button to discard any changes.
To reset a password for a User, there is a button specifically for this purpose—the key icon that appears by each entry in the list of Users.
(Note that changing the password for a User account that is logged into via an external SSO provider will only have an effect until that User next logs in through SSO, at which point their password will be reset to a random value to encourage them to login solely via SSO and never have to enter their email address and password directly into Curiosity)
To delete a user, click the Delete button next to the Change Password. Note that deleting a User only deletes their account, it does not delete any data that has been imported that is related to them. If there were any nodes that only that User had access to then there will now be nobody in the system that has access to the node.
(It would be possible to fix a "no existing User in the system has access to this node" problem via the Shell, where Admin Users can directly change the graph but the details of how that would be achieved are outside the scope of this article)
To create a completely new User account, click on + New User and a popup will appear that looks very similar to the Edit User popup.
Enter a unique User Name (note that this can not be changed after the User has been created), a First Name, Last Name, Email Address, and enable any additional "User Roles" privileges that are appropriate.
Click + Create User.
If an SSO login is successfully completed that uses the same email recorded against a User then the SSO login process will presume that the User account in Curiosity is intended to represent the same person logging in from the external system. If this happens then the First Name, Last Name and profile image will be updated to match the external system. Any additional access rights will be unaffected, so you may wish to create a User account for someone that will log in via an external SSO provider in the future, in order that they have additional access rights granted to them in Curiosity as soon as they first log in.