TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-11-14 21:43:20 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat(docs): quickstart, clients and projects (#864)

Browse Source 
* init screenshots

* Improve Users

* add screenshots

* start guide & clent & project improvements

* minor corrections to links

* minor typos
This commit is contained in:
Florian Forster
2020-10-22 17:12:59 +02:00
committed by GitHub
parent d71eb25dbc
commit cf54239f51
37 changed files with 118 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
site/docs/administrate/06-users.en.md
View File

@@ -4,32 +4,48 @@ title: Users
### What are users
In ZITADEL there are different users. Some belong to dedicated organisations other belong to the global org. Some of them are human users others are machines.
Nonetheless we treat them all the same in regard to roles management and audit trail.
In **ZITADEL** there are different [users](administrate#Users). Some belong to dedicated [organisations](administrate#Organisations) other belong to the global [organisations](administrate#Organisations). Some of them are human [users](administrate#Users) others are machines.
Nonetheless we treat them all the same in regard to [roles](administrate#Roles) management and audit trail.
#### Human vs. Service Users
The major difference between humane vs. machine users is the type of credentials who can be used.
With machine users there is only a non interactive login process possible. As such we utilize “JWT as Authorization Grant”.
The major difference between humane vs. machine [users](administrate#Users) is the type of credentials who can be used.
With machine [users](administrate#Users) there is only a non interactive login process possible. As such we utilize “JWT as Authorization Grant”.
> TODO Link to “JWT as Authorization Grant” explanation.
### How ZITADEL handles usernames
ZITADEL is built around the concept of organisations. Each organisation has it's own pool of usernames which include human and service users.
For example a user with the username `alice` can only exist once the org. `ACME`. ZITADEL will automatically generate a "logonname" for each user consisting of `{username}@{domainname}.{zitadeldomain}`. Without verifying the domain name this would result in the logonname `alice@acme.zitadel.ch`. If you use a dedicated ZITADEL replace `zitadel.ch` with your domain name.
**ZITADEL** is built around the concept of [organisations](administrate#Organisations). Each [organisation](administrate#Organisations) has it's own pool of usernames which include human and service [users](administrate#Users).
For example a [user](administrate#Users) with the username `road.runner` can only exist once the [organisation](administrate#Organisations) `ACME`. **ZITADEL** will automatically generate a "logonname" for each [user](administrate#Users) consisting of `{username}@{domainname}.{zitadeldomain}`. Without verifying the domain name this would result in the logonname `road.runner@acme.zitadel.ch`. If you use a dedicated **ZITADEL** replace `zitadel.ch` with your domain name.
If someone verifies a domain name within the org. ZITADEL will generate additional logonames for each user with that domain. For example if the domain is `acme.ch` the resulting logonname would be `alice@acme.ch` and as well the generated one `alice@acme.zitadel.ch`.
If someone verifies a domain name within the organisation **ZITADEL** will generate additional logonames for each [user](administrate#Users) with that domain. For example if the domain is `acme.ch` the resulting logonname would be `road.runner@acme.ch` and as well the generated one `road.runner@acme.zitadel.ch`.
> Domain verification also removes the logonname from all users who might have used this combination in the global org.
> Relating to example with `acme.ch` if a user in the global org, let's call him `bob` used `bob@acme.ch` this logonname will be replaced with `bob@randomvalue.tld`
> ZITADEL notifies the user about this change
> Domain verification also removes the logonname from all [users](administrate#Users who might have used this combination in the global [organisation](administrate#Organisations).
> Relating to example with `acme.ch` if a user in the global [organisation](administrate#Organisations), let's call him `coyote` used `coyote@acme.ch` this logonname will be replaced with `coyote@randomvalue.tld`
> **ZITADEL** notifies the user about this change
### Manage Users
#### Create User
#### Search Users
> Screenshot here
<img src="img/console_user_list_search.png" alt="User list Search" width="1000px" height="auto">
Image 1: User List Search
#### Create Users
<img src="img/console_user_list.png" alt="User list" width="1000px" height="auto">
Image 2: User List
<img src="img/console_user_create_form.png" alt="User Create Form" width="1000px" height="auto">
Image 3: User Create Form
<img src="img/console_user_create_done.png" alt="User Create Done" width="1000px" height="auto">
Image 4: User Create Done
#### Set Password