The content on this page has been updated to reflect the behavior seen in the open beta version of strongDM's Admin UI.
There are two types of users in your strongDM organization:
- A User is an entity that represents any individual member of your organization who can log in to the strongDM GUI and CLI on their local machine, or to the Admin UI. In the User management area, each User may be added to one or more Roles(up to a maximum of 20). The Roles a User belongs to will determine what resources the User can access.
- A Service Account is a slightly different type of entity that allows for programmatic access to strongDM resources. See the Service Accounts page for more details.
Permissions and Rules determine what resources a User has access to, as well as what level of access. The administrative actions available to the User for their organization in the Admin UI are determined by the Permission Level set for that User. The Permission Level of a User dictates their ability to add resources to the organization, edit those resources, or manage other Users.
There are a few labels that may appear next to the name of particular Users in the Admin UI.
Users who have a flag next to their name in the Users list are "high traffic" users. This just means that this User's actions will not show up in the Activities page in the Admin UI. They are still all available via
sdm auditat the command line.
Users who have a "New User" indicator next to their name are a self-service signup who have been added to no Roles and had no permissions granted to them at all.
In an organization with SCIM provisioning activated, Users that have an
sdmbadge next to their name are still managed fully through strongDM rather than through the identity provider.