Add a user account in your USM Central environment for each member of your team who needs access. Users created in USM Central are automatically created in the connected deployments as well. These new users share the same role access in both environments. Manager accounts can manually change the access of other user accounts in the individual environments.
If an account is created in a connected deployment first and then added to USM Central, the account from the connected deployment will take precedence over the account in USM Central. This can cause issues with things like multifactor authentication (MFA A method of access control in which a user is granted access only after successfully presenting several separate pieces of evidence to an authentication mechanism – typically at least two of the following categories: knowledge, possession, and inherence.) login for the USM Central account. AT&T Cybersecurity recommends that you delete the account on the connected deployment before adding the account to USM Central.
If you are an AT&T Cybersecurity Managed Security Service Provider (MSSP), managing more than one USM Central instance is common. For example, you may have an instance for each of your clients, or you may maintain a production instance and a staging instance for testing purposes. Each instance has its unique subdomain. When creating users in these instances, be aware that you cannot use the same email address even when the user is in an instance with a different subdomain. You will receive an error saying "Unable to create user" if you try.
USM Central implements role-based access control (RBAC) Describes authentication and authorization scheme in which access to functionality is based on the privileges or permissions associated with the group or role a user is a member of.. See Role-Based Access Control (RBAC) in USM Central for more information.
To create a user
- Go to Settings > Users to open the page.
- Click New User.
- Enter the user's email address and full name.
Each user is required to verify their account and set up their initial password, with the exception of the user whose email address is associated with the USM Central license. This user is indicated by a dash (-) in the Email Verified column. A green checkmark indicates an account verification email was sent and a user has set their password. Users who have not fully verified their account are indicated by a red X .
Note: If you manage multiple USM Central instances, you cannot create users with the same email address in different subdomains.
- (Optional.) Configure an interval for auto-refreshing the alarms page.
Select the role Tasks and responsibilities based on job description and position within an organization. A user's role is often used to define access to functionality and privileges to perform specific tasks and operations. you want to assign to the user.
See Role-Based Access Control (RBAC) in USM Central for more information.
USM Central sends an email to the email address that includes a link to set a password and login Log in (verb): Process in which an individual gains access to a computer system after providing sufficient credentials to authenticate their unique identity. Login (noun): User credentials, typically a username and matching password..