Users
Create and manage users, their roles, and permissions.
In Connectware, users are a known identity (person or software/hardware agent) with associated data permissions and/or administrative access. This chapter guides you through the user management in Connectware, from creating new users to assigning permissions.
Each permission represents a specific access right to a resource, whether it is an MQTT topic or an HTTP endpoint, with clearly defined read and/or write capabilities.
Before creating individual users, establish a clear role-based access control strategy by defining roles that correspond to job functions within your organization. This approach simplifies user management and ensures consistent application of security policies.
During installation, Connectware creates a default administrator user to ensure immediate system access. This user is named admin and has the connectware-admin role assigned to provide comprehensive permissions. For more information, see Default Admin User.
Users View
The Users View provides a comprehensive view of all users in Connectware, including their assigned roles and permissions.
To open the Users View, click User in the navigation panel.
Adding New Users
In the Users View, click Add User to open the Create User dialog.
Do one of the following:
To add users with pre-defined roles quickly, use the default mode.
To define roles and permissions more granularly, use the advanced mode.
Default Mode
In the Create User dialog, enter the username, password, and password confirmation.
Optional: To assign a set of pre-defined roles to the user, click the Roles field and select a role. You can repeat this step to assign multiple roles.
Click Create. The dialog will close, and the new user will appear in the overview table.
Advanced Mode
In the advanced mode, you can assign a set of pre-defined roles to the user and/or individual permissions.
We recommend to manage permissions through roles rather than individual user permissions for easier maintenance. For more information, see Roles.
In the Create User dialog, enter the username, password, and password confirmation.
Activate Advanced Mode.
Optional: To assign a set of pre-defined roles to the user, click the Roles field, select a role, and click Add. You can repeat this step to assign multiple roles.
Optional: To assign individual permissions, click the + button to open the Add Permission dialog.
Select the permission type: HTTP for accessing the REST API using HTTP clients or MQTT for accessing MQTT topics on CybusMQ.
In the Endpoint field, enter the resource path, which follows MQTT topic conventions. The specified topic can be a single topic or a wildcard. HTTP permissions for the resource path follow an MQTT topic structure. This means that you can use wildcards (# and +) in valid expressions, and paths must start with a leading slash (/).
Select the access type: read, write, or both.
Click Add to add the permission.
Click Create. The dialog will close, and the new user will appear in the overview table.
Deleting Users
You can delete users that are no longer needed.
Deleting a user is permanent and cannot be undone. Before proceeding, ensure that you have backed up any important user-specific configurations or transferred necessary permissions to other users.
In the navigation panel, click User.
In the Users View, click the user that you want to delete. This opens the Edit User dialog.
Click the Delete button in the top right of the Edit User dialog.
Click Delete again to confirm. The user will be deleted.
Changing User Names
In the Users View, click the user that you want to edit. This opens the Edit User dialog.
In the Edit User dialog, enter a new username in the Username field.
Click Update to apply the changes. The dialog will close, and the username will be updated.
Adding Roles to Users
Roles provide a convenient way to assign multiple permissions at once. By adding roles to users, you can quickly grant them access to specific system functions without configuring individual permissions.
Assign roles based on job functions or responsibilities rather than individual users to maintain consistent access control across your organization.
In the navigation panel, click User.
In the Users View, click the user to whom you want to add roles. This opens the Edit User dialog.
In the Edit User dialog, click the Roles field to open the list of available roles.
Click the Roles field and select a role. You can repeat this step to assign multiple roles.
Click Update. The dialog will close and the user will be updated with the selected roles.
Removing Roles from Users
When a user's responsibilities change, you may need to remove roles from them to adjust their access permissions.
Removing a role removes all associated permissions from the user.
In the navigation panel, click User.
In the Users View, click the user from whom you want to remove roles. This opens the Edit User dialog.
In the Edit User dialog, click the x next to the role name in the Roles field to remove the role.
Click Update. The dialog will close and the user will be updated.
Assigning Permissions to Users
While roles are the recommended way to manage permissions, there may be cases where you need to grant specific permissions to individual users without creating a new role.
In the navigation panel, click User.
In the Users View, click the user to whom you want to assign individual permissions. This opens the Edit User dialog.
In the Edit User dialog, activate Advanced Mode.
To assign individual permissions, click the + button to open the Add Permission dialog.
Select the permission type: HTTP for accessing the REST API using HTTP clients or MQTT for accessing MQTT topics on CybusMQ.
In the Endpoint field, enter the resource path, which follows MQTT topic conventions. The specified topic can be a single topic or a wildcard. HTTP permissions for the resource path follow an MQTT topic structure. This means that you can use wildcards (# and +) in valid expressions, and paths must start with a leading slash (/).
Select the access type: read, write, or both.
Click Add to add the permission.
Click Update. The dialog will close, and the user will be updated with the new permissions.
Removing Permissions from Users
When specific permissions are no longer needed, you can remove them while keeping other permissions intact.
Removing individual permissions does not affect permissions granted through roles. To completely remove access to a resource, ensure the user doesn't have access through any assigned roles.
In the navigation panel, click User.
In the Users View, click the user to whom you want to assign individual permissions. This opens the Edit User dialog.
In the Edit User dialog, activate Advanced Mode.
To remove a permission, click its Remove button in the Action column of the permissions list.
Click Update. The dialog will close, and the user will be updated.
Changing User Passwords
Regularly updating passwords is an important security practice.
In the navigation panel, click User.
In the Users View, click the user for whom you want to change the password. This opens the Edit User dialog.
In the Edit User dialog, click Change Password.
In the Password field, enter the new password and confirm it in the Confirm Password field.
To apply the changes, click Update. The dialog will close and the user will be updated with changes.
Last updated
Was this helpful?