Add a user account in your USM Central environment for each member of your team who needs access. Users created in USM Central are automatically created in the connected deployments as well. These new users share the same role access in both environments. Manager accounts can manually change the access of other user accounts in the individual environments.
If an account is created in a connected deployment first, and then added to USM Central, the account from the connected deployment will take precedence over the account in USM Central. This can cause issues with things like multi-factor authentication (MFAA method of access control in which a user is granted access only after successfully presenting several separate pieces of evidence to an authentication mechanism – typically at least two of the following categories: knowledge, possession, and inherence.) login for the USM Central account. AT&T Cybersecurity recommends that you delete the account on the connected deployment before adding the account to USM Central.
If you are an AT&T Cybersecurity Managed Security Service Provider (MSSP), it is common to manage more than one USM Central instance. For example, you may have an instance for each of your clients, or you may maintain a production instance and a staging instance for testing purpose. Each instance has its unique subdomain. When creating users in these instances, be aware that you cannot use the same email address even when the user is in an instance with a different subdomain. You will receive an error saying "Unable to create user" if you try.
USM Central implements role-based access control (RBAC)Describes authentication and authorization scheme in which access to functionality is based on the privileges or permissions associated with the group or role a user is a member of.. See Role-Based Access Control (RBAC) in USM Central for more information.
To create a user
- Go to Settings > Users to open the page.
- Click New User.
Enter the user's email address and full name.
This is the email address used to verify the account and set the initial password.
Note: If you manage multiple USM Central instances, you cannot create users with the same email address in different subdomains.
- Select the roleTasks and responsibilities based on job description and position within an organization. A user's role is often used to define access to functionality and privileges to perform specific tasks and operations. you want to assign to the user. See Role-Based Access Control (RBAC) in USM Central for more information.
- Click Save.
USM Central sends an email to the email address that includes a link to set a password and loginLog in (verb): Process in which an individual gains access to a computer system after providing sufficient credentials to authenticate their unique identity. Login (noun): User credentials, typically a username and matching password..