Skip to content

Latest commit

 

History

History
79 lines (37 loc) · 3.87 KB

manage-users-in-directories-ff4d4a4.md

File metadata and controls

79 lines (37 loc) · 3.87 KB

Manage Users in Directories

Manage members in your directory using the SAP BTP cockpit.

Prerequisites

  • You're a directory administrator.

  • User management is enabled for this directory.

    If the feature isn't enabled already, you can do so using one of the following methods:

    • Go to the Account Explorer page, edit the directory, and then under Advanced, choose the Enable User Management option.

    • Navigate into the directory from the Account Explorer page, and then in the Users page, choose the Enable Entitlement and User Management option (if entitlement management is already enabled for the directory, then choose the Enable User Management option instead).

    Note:

    • The user management feature can be enabled only in combination with the entitlement management feature on the same directory in given path.

    • Only a single directory in any given directory path can have the user management and/or entitlement management features enabled. See Configure Entitlements and Quotas for Directories.

      For example, if you have 3 stacked directories in your account hierarchy and the middle directory has both the user and entitlement management features enabled, then neither of these features can be enabled for its parent or child directory since these two directories are in the same direct path as the middle directory.

  • Your platform user exists in a trusted identity provider.

    All users of SAP BTP are stored in identity providers, either in the default or in a custom identity provider. SAP BTP needs a copy of the user, sometimes called a shadow user. You assign the shadow user authorizations to access resources in SAP BTP. When a user authenticates, SAP BTP forwards the request to the identity provider.

    For more information, see Trust and Federation with Identity Providers.

Context

Assign predefined or custom role collections to users who need to manage or view the directory in SAP BTP cockpit. Examples of predefined role collections include the following:

  • Directory Administrator
  • Directory Viewer

For more information about these role collections, see Role Collections and Roles in Global Accounts, Directories, and Subaccounts.

Procedure

  1. Navigate to your directory.

  2. Add a user to your directory.

    For more information, see Create Users.

  3. Assign a role collection to the user.

    For more information, see Assign Users to Role Collections.

Results

The next time this user logs on to the SAP BTP cockpit, the user can access this directory.

Related Information

Working with Users

Role Collections and Roles in Global Accounts, Directories, and Subaccounts