ProcessMaker API Documentation
ProcessMaker Examples

Edit a User Account

Edit a user account.

Permissions Required

Your user account or group membership must have the following permissions to edit a user account unless your user account has the Make this user a Super Admin setting selected:

  • Users: Edit User

  • User: View Users

See the Users permissions or ask your Administrator for assistance.

Edit a ProcessMaker User Account

Follow these steps to edit a user account:

  1. View all user accounts. The Users tab displays.

  2. Click the Edit iconfor the user account to edit.

User Information

Edit General Information

Follow these steps to edit the following information in the Information tab about the person associated with the user account as necessary:

  1. Locate the Profile section.

  2. In the General Information section, change the following information:

    • In the First Name setting, edit the person's first name. This is a required setting.

    • In the Last Name setting, edit the person's last name. This is a required setting.

    • In the Job Title setting, edit the person's organizational job title.

  3. In the Contact Information section, change the following information:

    • In the Email setting, edit the person's unique business email address. This is a required setting.

    • In the Phone setting, edit the person's business telephone number.

    • In the Fax setting, edit the person's business fax number.

    • In the Cell setting, edit the person's cell phone number.

  4. In the Address section, change the following information:

    • From the Country drop-down menu, select the country for the person's business address.

    • In the Address setting, edit the person's business address.

    • In the City setting, edit the city for the person's business address.

    • From the State or Region drop-down menu, select the state, region, or province for the person's business address.

    • In the Postal Code setting, edit the person's business postal code.

  5. Click Save.

Edit User Settings

Follow these steps to edit the following information in the Information tab about the person associated with the user account as necessary:

  1. Locate the Settings section.

  2. From the Date Format drop-down menu, select the format for how dates are displayed for this person from the following options:

    • m/d/Y (12/31/2017)

    • m/d/Y h:i A (12/31/2017 11:30 pm)

    • m/d/Y H:i (12/31/2017 23:30)

    • d/m/Y (31/12/2017)

    • d/m/Y h:i A (31/12/2017 11:30 pm)

    • d/m/Y H:i (31/12/2017 23:30)

    • Y/m/d (2017/12/31)

    • Y/m/d H:i (2017/12/31 23:30)

    • d.m.Y H:i (31.12.2017 23:30)

    • Y-m-d H:i (2017-12-31 23:30)

  3. From the Time Zone drop-down menu, select the time zone in which to display times for this person.

  4. From the Language drop-down menu, select in which language to display ProcessMaker labels. Note that English-language is the default language and the only natural language provided without the Translations package. However, if the Translations package is installed, you may display the user interface labels and messages in German, Spanish, or French languages. Changing this profile setting only affects this user account.

    Optionally, select one of the following non-English languages if the Translations package is installed:

    • German: Select the de option.

    • Spanish: Select the es option.

    • French: Select the fr option.

  5. From the Status drop-down menu, select the status of the user account from the following options:

    • Active: An Active user account is one in which a person can use it to log on to ProcessMaker.

    • Inactive: An Inactive user account is one in which a person cannot use it to log on to ProcessMaker.

  6. Click Save.

Edit the User Avatar

Follow these steps to edit the following information in the Information tab about the person associated with the user account as necessary:

  1. Locate the Avatar section.

  2. Do one of the following:

    • Upload an avatar: If there is no avatar image, the initials for that person's full name display. Click the Upload Avatar button. The Browse button displays. Continue to step 4.

    • Change an avatar: Select the Change button to upload a new avatar image. Continue to step 4.

    • Remove the current avatar: Click the Clear button. The initials for that person's full name display. Continue to step 7.

  3. From the Upload Avatar screen, click the Browse button to locate the image to be your avatar.

  4. Locate and then select the image to be your avatar. The image fits into the Upload Avatar screen.

  5. Adjust the size of the image using the image size indicatorto fit well inside the circle where the avatar displays, and then click Save. The avatar displays in the Avatar section.

  6. Click Save to save the profile.

Edit User Log On Credentials

Follow these steps to edit the following information in the Information tab about the person associated with the user account as necessary:

  1. Locate the Login Information section.

  2. In the Username setting, edit the username for the person's user account. This is a required setting.

  3. In the New Password setting, edit the password to log on with the user account. Leave the New Password setting blank to keep the current password. Passwords must be at least eight (8) characters long. Password special characters are recommended. Password validation indicates how strong your password is if you enter a new password.

  4. In the Confirm Password setting, confirm that the password matches that entered into the New Password setting if a new password was entered. If you entered a new password, password validation indicates if the New Password and Confirm Password values do not match.

  5. Click Save.

Configure the Homepage Dashboard, Redirect URL, and/or Menu

If the Dynamic UI package is installed, configure a custom homepage and/or a menu for a user when that user logs on to ProcessMaker. A custom homepage is either a dashboard that displays to the user or redirects that user to a specified URL. The redirected URL may be to an external site, such as to an organization's portal, or to a ProcessMaker location such as a specified Collection or Saved Search to which that user has access.

The custom homepage and menu are configured separately.

The Dynamic UI package must be installed.

See the following homepage configurations for the user account:

Select the Homepage Dashboard for the User

A dashboard displays important and relevant business management information (BMI) and key performance indicators (KPI) to specific business stakeholders when they need it. After the user logs on to ProcessMaker, the dashboard displays instead of the default ProcessMaker page.

The user does not experience the change until the next time that user logs on.

Follow these steps to select the dashboard for the user account's homepage:

  1. Locate the Dynamic UI section.

  2. From the Home Page drop-down menu, select the My Dashboard option.

    The Dashboard setting displays.

  3. From the Dashboard drop-down menu, select the dashboard as the homepage for the user account.

  4. Click Save.

Configure the Homepage to Redirect to a Destination for the User

Overview

Configure a custom homepage for a user that redirects to a specified URL when that user next logs on. The redirected URL may be to an external site, such as to your organization's portal, or to a ProcessMaker location such as a specified Collection or Saved Search to which that user has access.

See the following sections for information to redirect to a Collection or Saved Search since both require unique conditions to configure properly:

Redirect to an External Site

Specify a URL that redirects a user to an external site such as to your organization's portal:

  1. Locate the Dynamic UI section.

  2. From the Home Page drop-down menu, select the URL Redirect option. The Redirect Url setting displays.

  3. In the Redirect Url setting, enter the external site's URL to redirect to that location upon next log on.

  4. Click Save.

Redirect to a ProcessMaker Collection

Specify a URL that redirects a user to a Collection when that user next logs on.

Ensure that the user has the following:

Otherwise, that user cannot access the Collection.

If a user cannot access a Collection, the following message displays instead of the Collection: Unauthorized.

Locate the Collection's URL prior to configuring this setting.

Follow these steps to configure the redirect URL to a Collection as the user account's homepage:

  1. Locate the Dynamic UI section.

  2. From the Home Page drop-down menu, select the URL Redirect option. The Redirect Url setting displays.

  3. In the Redirect Url setting, enter the Collection's URL to redirect to that Collection upon next log on.

  4. Click Save.

Specify a URL that redirects a user to a Saved Search when that user next logs on.

Ensure that the user has been shared the Saved Search; otherwise, that user cannot access the Saved Search.

If a user cannot access a Saved Search, the following message displays instead of the Saved Search: Unauthorized.

Locate the Saved Search's URL prior to configuring this setting.

Follow these steps to configure the redirect URL to a Saved Search as the user account's homepage:

  1. Locate the Dynamic UI section.

  2. From the Home Page drop-down menu, select the URL Redirect option. The Redirect Url setting displays.

  3. In the Redirect Url setting, enter the Saved Search's URL to redirect to that Saved Search upon next log on.

  4. Click Save.

Select the Menu for the User

A custom menu replaces the default top menu that displays in ProcessMaker.

The user does not experience the change until the next time that user logs on.

Follow these steps to select the menu for the user account's homepage:

  1. Locate the Dynamic UI section.

  2. From the Top Menu drop-down menu, select the custom menu for the user account to replace the default top menu.

  3. Click Save.

Edit to Which Groups the User is a Member

Specify to which group(s) the user is a member. Permissions are additive for the user: any permission(s) assigned to the group that user is a member also apply to that user.

As a best practice, do not assign the same user to multiple groups that contain distinct sets of permissions. For example, do not assign a user to a group in which its members have Requests category permissions and to another group assigned with all permissions; otherwise, that user has all permissions.

Follow these steps to edit the following information in the Groups tab about which group(s) this user account is a member as necessary:

  1. Click the Groups tab. The Groups tab displays all groups created in your ProcessMaker instance. If no groups have been created, the following message displays: No Data Available. See Create a Group.

    The Groups tab displays the following information:

    • Name: The Name column displays the name of the group.

    • Description: The Description column displays the description of the group.

    • A toggle key represents whether the user is a member of that group.

  2. Follow these guidelines to select group memberships for the user:

    • Select the toggle key for each group to which you want the user to be a member. When the toggle key is enabled for a group, that user becomes a member of that group. When the toggle key is disabled for a group, that user is not a member of that group.

    • Enter in the Search setting the text to filter groups by their name.

  3. Click Save.

Edit User Permissions

Follow these steps to edit the following information in the Permissions tab about the person associated with the user account as necessary:

  1. Click the Permissions tab. The Permissions tab displays permissions assigned to that user account.

  2. In the Permissions tab, change which permissions from each permission category to assign that user account if necessary. Follow these guidelines to change permission assignments:

    • Super Admin: Assign the Make this user a Super Admin option to grant unrestricted access to the entire ProcessMaker instance. In doing so, ProcessMaker does not check permissions for user accounts with this setting selected, allowing such users to administer and install packages which might otherwise require permissions be granted to a user account to perform. Users whose account have this setting may do the following:

      • Start a Request for any Process regardless of whether any Process model grants such a user permission to do so.

      • View the Tasks as displayed in the Task column of Request summaries by clicking a link to that Task. Users that do not have the Make this user a Super Admin option do not have a hyperlink to Tasks from Request summaries.

    • Select the Assign all permissions to this user checkbox to assign all permissions to the user account.

    • Click on a permission category to expand the view of individual permissions within that category. Click on an expanded permission category to collapse that category. If you don't intend to assign this user account with any group(s), then assign permissions to this user account. Note that if this user account is assigned to any group(s), the permissions set in the group(s) take apply to those assigned to the user account. See Permission Descriptions for Users and Groups.

  3. Click Save.

Manage API Tokens for the User

Use an API token with a user account to successfully make calls to our REST API from an external third-party application or a Script. For security purposes, the API token must not be expired for that API token to work.

A user must have a valid API token to successfully make calls to our RESTful API from an external third-party application.

Follow these steps to manage API tokens for a user account:

  1. Click the API Tokens tab.

  2. Manage the API tokens for the user account as necessary:

Generate an API Token

An API token is required to successfully make calls to our REST API from an external third-party application or a Script. For security purposes, the API token must not be expired for that API token to work. An API token is valid for one calendar year from its creation date.

To share the generated API token with the person to whom uses the user account requires copying the API token and the time that the API token generates. If you neglect to copy and share the generated API token at the time ProcessMaker generates it, there is no opportunity to view and copy it again; you must generate another API token.

Follow these steps to generate an API token that allows that user account:

  1. Click the API Tokens tab.

    The API Tokens tab displays the following information about each generated API token:

    • ID: The ID column displays the automatically-generated ID for the API token.

    • Created At: The Created At column displays the date the API token was generated.

    • Expires At: The Expires At column displays the date the API token expires.

  2. Click +Token. The New Token screen displays.

  3. Click the Copy Token to Clipboard button.

  4. Share the API token with the person to whom uses this user account. Ensure not to close the New Token screen until you do so.

  5. Click Close. The API token displays in the API Tokens tab. Make note of when the API token automatically expires.

  6. Click Save.

Delete an API Token

Delete an API token from a user account when that API token expires or to restrict that user from making calls to our REST API from an external third-party application or a Script.

Deleting a valid API token revokes the user holding the token from using an external third-party application from successfully making calls to our RESTful API. Deleting an API token cannot be undone.

Follow these steps to delete an API token:

  1. Click the API Tokens tab.

  2. Click the Delete iconfor the API token to delete. A message displays to confirm deletion of the API token. The API token is referenced by its ID value.

  3. Click Confirm.

  4. Click Save.

View Security Logs for the User

For enhanced security and auditing purposes, ProcessMaker maintains a record of every log on and log off attempt by each user. Each user's account page contains a Security Logs tab that displays that user's successful/unsuccessful log on and log off attempts.

In addition to the other user permissions required to edit a user account, the Security Logs permission is required to view security logs.

Follow these steps to view security logs for a user:

  1. Click on the Security Logs tab. The security logs display in a tabular format.

"Security Logs" tab displays the log on and log off events for a user

Each log entry contains the following information about that log event:

  • Event: The Event column displays the nature of the event. Possible values for this column include:

    • Login: This indicates a successful log on event.

    • Attempt: This indicates a failed log on event, indicating an incorrect password use.

    • Logout: This indicates a log off event. If the ProcessMaker instance is configured to only allow one device per user account be logged on to that ProcessMaker instance at a time, and another device logs on to an already logged on user account, that event is not recorded in the Security Logs tab because it is considered a session timeout. Session timeouts are not recorded.

  • IP Address: The IP Address column displays the IP address from which the log on or log off attempt occurred.

  • Browser: The Browser column displays the name of the web browser from which the log on or log off attempt occurred.

  • Operating System: The Operating System column displays the name of the operating system from which the log on or log off attempt occurred.

  • Occurred At: The Occurred At column displays the date and time at which the log on or log off attempt occurred.

Sort the Security Logs

For readability and ease of use, Security Logs are sorted to display the latest event first. This order is customizable and logs can be sorted based on any of the displayed columns.

In addition to the other user permissions required to edit a user account, the Security Logs permission is required to view security logs.

Follow these steps to sort security logs:

  1. Click on the sort iconsfor a column to sort data in that column in ascending or descending order. See Control How Tabular Information Displays.

Search the Security Logs

Use the Search function to filter the security logs based on a certain criteria. For example, use an IP address in the Search field to see log on or log off attempts from that IP address only.

In addition to the other user permissions required to edit a user account, the Security Logs permission is required to view security logs.

Follow these steps to search security logs:

  1. In the Search field, enter the text to search in any of the columns of the Security Logs. A filtered set of logs based on the search criteria displays.

Related Topics