Skip to main content

User creation

User accounts may be created in various ways:

  • By the installation script for administrators
  • From the registration form and process
  • Automatically when connecting with LDAP
  • Automatically when connection with OpenId Connect
  • Manually by another user with specific rights

Installation script

Spider Helmchart allows automatic creation of administrators at installation.
This is, in fact, the only way to create the first administrator account allowing to set rights of others users.

The settings are described here: Admin creation

The installation script does not set the administrator password.
For them to connect, they need:

  • Either to reset their password when the account is local to Spider
  • Or connect with LDAP or OpenId when the account is management externally

User registration process

The user registration form is accessible below the login form (when active - option accounts.creationForm):

  • https://{pathToSpider}/login

CreationFormAccess.png

Mandatory fields are marked with a star.
Others fields are mostly for statistics.

CreationFormContent.png

On creation, depending on Spider configuration, the process varies:

  1. An email is sent to the new user address with a confirmation link

CreationFormConfirm.png

  1. A mail may be sent to supportEmails of the account creation
    • Option accounts.mailOnCreation

CreationFormAccountCreated.png

  1. The user clicks on the link to validate his email

CreationFormConfirmed.png

  1. The support team may have to validate the new account. They will be informed by mail.
    • Option accounts.adminActivation

CreationFormAccountToValidate.png

Comments filled in by the user in the registration form will be included in the informative mail.

  1. Once validated, the user receive another email to inform him of the validation

CreationFormValidated.png

  1. He may then login to Spider!

User account validation

When accounts.adminActivation is set, a mail is sent to administrators to validate any new account.

  1. The new user account is created as DRAFT.
  2. To validate it, the administrator / support has to:
    1. Search for the user
    2. Edit its profile
    3. Change its status to ACTIVE

CreationFormValidate.png

Automatic creation from LDAP or OpenId Connect

Spider can be configured to allow external authentication of users:

  • From an LDAP
    • Option ldapAuth
  • From an OpenId Connect provider
    • Option oidcAuth
    • You may allow many of them

When activated, the login form displays:

  • A message for LDAP option
    • The user logs in by entering his email and password of his LDAP account.
  • A button for each OIDC provider
    • The user is redirected to the provider's login page to connect
    • In this case, connection may be done in various ways, with MFA, device token, passkey etc. Up to the provider configuration.

ExternalAuth.png

Manual creation

A user with admin rights or with Create users right may create users manually.

UserMngtRights.png

This is useful when you do want to manage manually users having access to Spider.

To do so:

  1. Open the creation form

CreateUser.png

  1. Fill in the mandatory fields

CreateUserForm.png

  1. Generate a password
  2. Set the status to Active
  3. You may force the user to validate its email by clicking on the option
    • In this case a mail is sent to the user that has to validate his email address by clicking on the embedded link.