User onboarding

Overview

With idemeum every new user (IT admin or technician) is onboarded with a mobile app. Think about the mobile app as a hardware key - it is used to secure the passkey, login into resources without passwords, and manage elevation and allowlisting requests. When the user is onboarded, the user record is managed with idemeum cloud directory. We support external directories as a user source, contact us if you want to discuss that.

New user onboarding

To onboard a user into idemeum:

• Create a new user record in idemeum directory by navigating to your parent tenant admin portal → Users → Add user. All you need to specify in the first name, last name, and email address.
• Now new user downloads idemeum mobile app from Play Store or App Store, installs the app and verifies the same email address in the mobile application.
• User navigates to your cloud portal, scans the QR-code, and approves login with biometrics.
• You can now promote user to admin or delegate access only to certain organizations / customer tenants.

Promote user to admin

To promote new user to admin:

• Find the user record in idemeum directory for your parent tenant (user needs to be in onboarded state)
• Click on ... and choose Make admin
• User will be promoted to a Global admin role

More about the roles below.

Delegate access to tenants

Delegate user access to organizations / customer tenants.

idemeum docsNik Pot

Delete or disable user

All you need to do to remove user access to idemeum is to disable or delete user. Disable user - block access but keep user record in the cloud. Delete user - remove user record from the cloud. You need to disable the user before deleting.

• Find the user record in idemeum directory for your parent tenant
• Click on ... and then choose Disable user
• Click on ... and choose Delete user if you want to permanently remove the user record