Page tree
Skip to end of metadata
Go to start of metadata

A App Management user is an individual who is authorized to access your organization's App Catalog. Users can also be authorized to perform administration functions from the Admin Portal.

User access to App Management is defined with user roles and user groups:

  • Roles: Roles define permissions in the Admin Portal. For more information, see Roles

  • Groups: Groups define access to applications within the App Catalog. Administrators can create groups and place users within those groups. When an Administrator adds an application, the Administrator specifies the groups that will have access to that application.

Unique User Identifiers

When you create a user, you specify a user ID that is used to uniquely identify the user in the App Management database. To log in to the Admin Portal, an Administrator enters this user ID and a password that he/she sets when first activating the account. To log in to the App Catalog, a User enters either user ID and password, or uses the Single Sign-on method set up within your company; this depends on how user authentication is configured for your organization. 

A common convention is to use the user's corporate email address as the user ID since this is something that is unique and easy for the user to remember. Some of your App Catalog users, however, may not have corporate email accounts (for example, contractors and partners). You can use any identifier that is unique within your organization; you cannot use the same user ID for more than one user.


When you create a user, you can also specify an email address for the user. If you use the user's email address for a user ID, then these two fields will be the same. An email address is required when you are creating an administrator (user with the Administrator role) as App Management needs to send support and other emails to administrators. An email address in not required for non-administrator users, but we recommend providing one if available; if you do not provide an email address for a user, App Management cannot send the user an invitation.

Inviting Users to App Management

When you add a new user and provide an email address for the user, you can request that the system automatically send an invitation to the user that includes links for setting a user password and installing the App Catalog. You can edit the content of the invitation message to incorporate corporate-specific content. Optionally, you can choose to send your own invitations instead of having the system send them.

Sending a Notification to Users (User Messaging)

Specifying Custom Metadata

When you add a user, you specify standard metadata about the user, including First Name, Last Name, User ID, and Email Address. Your organization can be configured so that you can also specify custom metadata about a user. For example, you may want to store information about a user's job title, office location, and project teams.

In order to specify custom metadata, first you define a custom metadata template on the Settings page. Once that template is defined, the custom metadata fields you specified will display on the Add New User and Edit User pages, and any custom metadata specified for a user will display on the user's Details page and the New Group and Edit Group pages.

For more information, see User Custom Metadata.

Configuring a Password Policy

If you are using App Management authentication rather than SSO (Single Sign On) to authenticate your users, you can enforce a stricter password policy in your organization by configuring the following:

  • Password Complexity: Through the Admin Portal, an Administrator can set the password complexity criteria for all users of an organization (this includes all user roles). For more information on setting password complexity criteria in your organization, see Configure Password Complexity.

  • Password Expiration: This can be applied in two ways. 
    1. Set a password expiration time period for all users without the "Administrator" role. User password expiration is set by Administrators through the Admin Portal. 
    2. Set a password expiration time period for users with the “Administrator” role. Administrator password expiration can only be set by Customer Support

  1. For more information on password expiration, see Set Password Requirements.

Shared User Accounts

Consider these points if any of your users share the same App Management user account:

  • Users should avoid sharing an App Management administrator account when working in the Admin Portal. If one user switches to an affiliated organization, it will switch the selected organization for all the users logged in with that same administrator account.

  • If there are multiple Admin Portal sessions running at the same time for the same App Management user, logging out of one session will log the user out of all sessions. The same is true for App Catalog sessions (that is, when the same user is logged in to the catalog on different devices). Terminating a user’s Admin Portal session, however, does not terminate any of the user’s concurrent App Catalog sessions (and vice versa).

  • If you interface with the App Management API for scripting or automation purposes (including through the App Management Plugin for Jenkins), create a separate administrator user that will be used only with API requests.

Users Page

Use the Admin Portal Users page to manage users in your organization. From this page you can add new users, display information about existing users, and click to perform other actions such as disabling/enabling or deleting a user.

By default, the list displays a subset of data columns. To change which columns display, use the Show/hide columns menu. By default, users are sorted in ascending order by Last Name. Click on any column with the red arrows to sort by that column. Note, sorting by the Role column is not done alphabetically, but is instead sorted in this order: User, Administrator, Developer, and User Manager. 

The Custom Metadata column is displayed only if there is a custom metadata template defined for your organization. If there is a custom metadata template defined for your organization, you can see a user's custom metadata by hovering over the information tooltip in the Custom Metadata column. These information tooltips are displayed only for users who have custom metadata defined. 

To filter the list and find specific users, use the Search field to search on First Name, Last Name, User ID, Email, Phone, and Custom Metadata. Refer to the table below for search guidelines:

To search this column...Enter...
First Name

A case-insensitive string to return a list of users with the specified text string anywhere in their name or phone number. For example, if you type the string Dav into the search field, the list returned will include all users who have the letters Dav (upper or lowercase) anywhere in their first or last name.


Search First Name or Last Name columns separately; you cannot search for a full name.

Last Name
User IDA case-insensitive, full user ID or email. The search returns exact matches only.

Custom Metadata


field_name is case-sensitive and must be the full name of the custom metadata field, not the labelstring is not case-sensitive. If you leave string blank, no search results are returned.

For example: To search the department field for users in the NortheastSales and WorldwideSales departments, enter departments:sales.

  • No labels