search

Users & Roles

hashtag
Table of Contents

  1. Overview

  2. Browsing Users

  3. Adding a User

  4. Resetting a User's Password

  5. Browsing Role Assignments

  6. Assigning a Role

  7. Editing a Role Assignment Scope

  8. Removing a Role Assignment

  9. Understanding Scopes

hashtag
1. Overview

User and role management in Axilon DevOps Desktop controls who can access the system and what they can do. There are two pages:

  • Users -- View all users, create new accounts, and reset passwords.

  • Role Assignments -- Assign roles to users and manage the scope of those roles.

These pages are accessible from the Users section in the sidebar:

  • List Users is visible only to Global Admins.

  • Role Assignments is visible to Global Admins and Machine Admins.

hashtag
2. Browsing Users

Required role: Global Admin

hashtag
Steps

  1. Click Users > List Users in the sidebar.

  2. The page displays a table of all users.

hashtag
Table Columns

Column
What It Shows

Avatar

User avatar image.

Username

The user's login name.

Name

The user's display name.

Role

The assigned role (if any).

Created At

Account creation date.

MFA Status

Whether MFA is enabled for this user.

Actions

Change Password, Assign Role (if no role assigned).

hashtag
3. Adding a User

Required role: Global Admin

hashtag
Steps

  1. Go to Users > List Users.

  2. Click "Add User" in the page header.

  3. Fill out the form:

Field
Required
Rules
Notes

Name

Yes

5--100 characters; letters (including accented), dashes, apostrophes, spaces

The user's full display name.

Username

Yes

3--30 characters; lowercase letters, numbers, underscores. Must start with a letter.

The login identifier. Cannot be changed later.

Password

Auto

Auto-generated

A system-generated password is displayed in a read-only field. Click the copy button to copy it.

  1. Click "Create".

  2. On success, the user is created.

Important: You must copy the generated password and provide it to the user. The password cannot be retrieved later. The "Create" button is disabled until you have copied the password.

hashtag
4. Resetting a User's Password

Required role: Global Admin

hashtag
Steps

  1. Go to Users > List Users.

  2. Find the user in the table and click "Change Password" in their actions menu.

  3. A confirmation dialog appears. Click "Confirm".

  4. A new system-generated password is displayed. Copy it before closing.

  5. The modal's close button is disabled until you have copied the password.

Provide the new password to the user. They will be required to change it on their next login (via the onboarding flow).

hashtag
5. Browsing Role Assignments

Required role: Global Admin or Machine Admin

hashtag
Steps

  1. Click Users > Role Assignments in the sidebar.

  2. The page displays a paginated table (10 items per page by default).

hashtag
Table Columns

Column
What It Shows

User

The user this role is assigned to.

Role

The role name (Global Admin, Machine Admin, or Developer).

Scope

Either "Full access" (for Global Admin) or a count of assigned machines.

Assigned At

When the role was assigned.

Actions

Edit Scope, Remove Assignment (permission-dependent).

hashtag
Filtering

Filter
Description

User

Search by user.

Role Name

Filter by role.

Machine

Filter by machine scope.

hashtag
6. Assigning a Role

Required role: Global Admin or Machine Admin

hashtag
Steps

  1. Go to Users > Role Assignments.

  2. Click "Assign Role" in the page header. (Alternatively, click "Assign Role" on a user row in the Users list if they have no role.)

  3. Fill out the form:

Field
Required
Notes

User

Yes

Select the user to assign a role to.

Role

Yes

Select the role: Global Admin, Machine Admin, or Developer. A description of the selected role is shown below the dropdown.

Scope

Conditional

See Section 9. Not required for Global Admin.

  1. Click "Submit".

  2. A confirmation notification appears on success.

hashtag
7. Editing a Role Assignment Scope

Required role: Global Admin or Machine Admin

You can change the machine scope for Machine Admin and Developer role assignments.

Note: Global Admin assignments have "Full access" scope and cannot be edited.

hashtag
Steps

  1. In the Role Assignments table, click "Edit Scope" in the row's actions menu.

  2. Modify the machine selections in the scope picker.

  3. Click "Submit".

hashtag
8. Removing a Role Assignment

Required role: Global Admin or Machine Admin (with restrictions)

hashtag
Steps

  1. In the Role Assignments table, click "Remove" in the row's actions menu.

  2. Confirm the removal in the dialog.

  3. A confirmation notification appears on success.

hashtag
Restrictions

Role Being Removed
Who Can Remove It

Global Admin

Global Admin only

Machine Admin

Global Admin or Machine Admin

Developer

Global Admin or Machine Admin

hashtag
9. Understanding Scopes

Role assignments for Machine Admin and Developer roles can be scoped to specific machines.

hashtag
How Scoping Works

Role
Scope Behavior

Global Admin

Always has full access. No scope selection needed.

Machine Admin

Can be scoped to specific machines. If no machines are selected, the role is unscoped (access to all machines within their permission level).

Developer

Can be scoped to specific machines. Same behavior as Machine Admin regarding empty scope.

hashtag
Scope Picker

When assigning a Machine Admin or Developer role, the scope picker allows you to:

  1. Select machines -- Choose which machines this user can manage or access.

  2. Leave empty -- An unscoped assignment gives access based on the role's default permissions.

The scope determines which machines the user can see and interact with across the application (configurations, snapshots, restores, clones, etc.).

PreviousAuthenticationNextApplications

Last updated