Skip to main content

Manage application users

To make it easy to add users to your application and manage their platform roles, we recommend setting up a dedicated user management page. This page can include options to invite new users, view and edit user details, and add or remove users from platform roles.

You configure the page from Grexx Studio and then use the page to manage application users in each of your DTAP environments.

Configure a user management page

You can create a dedicated user management page using a page casetype. You may want to add some or all of the following elements to the page:

  • An activity to add new users. We recommend using a casetype activity to create an Invite user case. This option is not required if you enable open registration.
  • A grid widget displaying the Cases - Users dataset so that users can view a list of all existing users. You can also make activities available from the grid so that users can add new users and edit or remove existing users. For example, you might add the default Edit user and Close user activities from the User casetype, together with the Add user casetype activity that you have added to the page casetype.
  • A multivalue attribute for each platform role. Set the attribute data type to Case ID and associate it with a picklist based on the default Cases - Users dataset (or another dataset containing a subset of User cases) so that you can add existing users to each role.
  • Form activities so that you can add users to platform roles (by adding them to the relevant multivalue attributes).
  • Activity widgets so that users can perform each Add user to platform role form activity.

For each element, ensure that you grant rights to the appropriate role(s). For example, to make adding, editing, and removing users optional activities that only users in the Administrator role can perform, grant the Administrator role Request rights on each activity. Grant the same role rights to the grid and activity widgets so that users in the Administrator role can view the list of users and perform the user management activities. Finally grant the Administrator role permission on the relevant navigation item, so that users can find the user management page easily.

For more information about creating a page casetype and configuring what is displayed, see Configure pages and views.

Tip:

You can also perform form activities that add users to platform roles automatically. For example, you may want all new users created via a particular activity or with certain attributes to be added to the Manager platform role. To achieve this, trigger the platform role form activity (using an Execute and submit trigger) from an activity that creates new users or sets user attributes. For more information, see Chain activities together.

Add application users

Grexx Platform includes two options for adding users to your application:

  • Invite users: Configure an activity that creates an Invite user case. The Invite user system service casetype handles the invitation process, from emailing the invitee to expiring unused links. This option is ideal if you want to add users to your application manually or send invitations automatically as part of a chain of activities.
  • Open registration: Allow individuals to create accounts automatically. This option is useful if you want anyone within your organization to be able to access the application without being invited first. You can also use open registration to allow "guest users".

You can choose to use only invitations or open registration, or you can implement both options in the same application. Both options use XXID to manage user identities and provide authentication (login) mechanisms, including single-sign-on via Google Workspace and Microsoft 365.

Invite users

The Invite user system service casetype implements an invitation process for new users, including:

  • Emailing the invitee an invitation link.
  • Creating a new User case when a new user clicks the link and either enters their details or selects a single-sign-on option.
  • If a User case already exists for the invitee, associating the invitation with the existing user, thereby avoiding duplicate accounts.
  • Closing the Invite user case and invalidating the invitation link if it is not used within a specified period of time (7 days by default).

To use this option, configure a casetype activity that creates a new case of the Invite user casetype. (Do not use the System service - Invite user casetype; this casetype is invoked automatically by the Invite user casetype.) Add mappings to the activity to provide the invited user's name and email address. You can also use mappings to configure other details, such as the email content, the address that the invitation is sent from and the validity period of the link. For a full list of available options, refer to the Invite user system service.

You can configure several different activities that all create new Invite user cases. For example, you might want to invite new employees to log in to your application automatically while also having the option add users manually. You can implement the first option by triggering a Create user casetype activity (that creates an Invite user case) when the Add employee casetype activity is submitted. For the second option, you could add an Add user casetype activity (that also creates an Invite user case) to a user management page. For more information about triggering one activity from another, see Chain activities together.

Enable open registration

Open registration allows new users to access your application without being sent an invitation. When you enable open registration, you specify the allowed login methods. For example, to allow only members of your organization to access your application without being invited, restrict open registration to single-sign-on via your organization's identity provider.

To enable open registration, ask your Grexx coach to enable your preferred registration providers for one or more of your DTAP environments. Then, from your Studio open Platform > Platform settings and select Edit open registration. Select a page casetype to associate with the open registration activity and select the registration provider(s) you want to use.

You can trigger an activity each time a new user is created via open registration. For example, you can use this to send the new user a welcome email, add them to roles (either automatically based on their attributes or by assigning a task to an administrator), or assign tasks to the new user. The activity should be added to the page casetype associated with open registration. Once you have configured the activity (or the first activity in a chain of activities), add the activity to the Open registration settings.