Users
The Users app is where administrators create and manage every person who has access to the platform — controlling what apps they can use, what data they can see, and what actions they are permitted to take, all from one place.
🔐 Who Can Access Users
| Your Role | What You See in the Users List |
|---|---|
| Super Administrator | All users in the account |
| Administrator | All users except Super Administrators |
| All other roles | No access — an Unauthorized error will appear |
⚠️ Non-obvious: If you see an Unauthorized error when opening Users, your role does not include access to this app. Contact your Administrator to adjust your permissions.
🌳 User Hierarchy Panel
The left panel shows a collapsible tree of your organization's user structure. Each node represents a parent user and their sub-users nested beneath them.
| Element | Description |
|---|---|
| Organization root | The top-level account node. Click the ▶ arrow to expand and see all users in the hierarchy. |
| Nested user nodes | Sub-users are indented beneath their parent user, reflecting the Parent User assignments made when each user was created |
⚠️ Non-obvious: The hierarchy tree is a read-only view. To change a user's position in the hierarchy, you must edit that user's Parent User field via the Update User form.
📋 Users List
Section header: "List of Users in the System"
Click any row to open that user's detail view.
Users List — Columns
| Column | Description |
|---|---|
| Name | The user's full name with avatar icon |
| The user's unique login email address | |
| User Type | The category of user: Manufacturer, Distributor, Customer, etc. |
| Identity | Describes this user's relationship to you. Shows You for your own account and Sub User for all users beneath you in the hierarchy |
| Last Modified Date | Date the user's record was last updated. Shows "Never" if not edited since creation. |
| Last Login | Date and time the user last logged in. Shows "Never" if the user has not yet logged in. |
| Action — 👤 + (Impersonate) | Opens a confirmation dialog to begin an impersonation session as this user. Visible only to authorized roles. |
| Action — ⋮⋮⋮ (More) | Opens additional options for this user row |
| Action — 🗑 (Delete) | Deletes (disables) this user. The user will lose access to the platform. |
Table Controls
| Control | Description |
|---|---|
| 🔍 Search | Search users by name or email |
| ⚡ Filter | Filter the list by user type, role, or other attributes |
| ⊞ / ☰ / ⊡ view icons | Switch between card, list, and density display options |
| + Add | Opens the Create Users & Roles form |
| Request Data | Export a data extract of the current users list |
| Rows per page | Adjust to show more users per page |
➕ Create Users & Roles Form
Click the + icon in the Users List toolbar to open the Create Users & Roles form. The form is divided into five sections.
Switching Between Single and Bulk Creation
| Tab | What It Does |
|---|---|
| CREATE SINGLE USER | Fill in the form manually to create one user at a time |
| CREATE BULK USERS | Download a template file, fill in multiple users, and upload the completed file to create many users at once |
Bulk user controls:
| Button | Description |
|---|---|
| DOWNLOAD TEMPLATE FILE | Downloads a pre-formatted spreadsheet for bulk user creation |
| UPLOAD USERS FILE | Upload your completed template file to create all users in the spreadsheet at once |
Section 1 — User Details
| Field | Description |
|---|---|
| First Name | The user's given name |
| Last Name | The user's family name |
| Email Address | Must be unique across the entire account. This becomes the user's login. Once set, email cannot be changed. |
| Select User Type | The category the user belongs to: Manufacturer, Distributor, Customer, etc. |
| Parent User | The user who supervises this account. Determines position in the User Hierarchy tree. |
| Organization Name | The organization this user belongs to |
| Parts List Type | Controls which parts list view this user sees. Default is Full BOM. |
| SSO user only | Check this box if this user will log in exclusively via Single Sign-On |
| UPLOAD LOGO | Attach a logo image to this user's profile |
⚠️ Non-obvious: When a new user is saved, the platform automatically sends them a welcome email containing a temporary password. The new user must log in and change this password before they can use the platform. There is no way to suppress this email or set the initial password manually.
Section 2 — User Security Groups
| Field | Description |
|---|---|
| Select Security Group | Multi-select dropdown. Choose one or more security groups to assign to this user. |
Security groups are the primary access control mechanism for data. A user will only see the assets, systems, maintenance records, alerts, and documents that belong to their assigned security groups.
⚠️ Non-obvious: A user with no security group assigned will not see any assets or related data anywhere in the platform, even if they have apps installed. Security group assignment is required for meaningful access to operational data.
Section 3 — User Role
Roles control what actions a user can take within each app (Create, Read, Update, Delete). You must assign exactly one role per user.
| Option | Description |
|---|---|
| SELECT tab | Choose from an existing role in the dropdown |
| CREATE NEW tab | Define a brand-new role on the spot and assign it to this user |
Creating a new role requires:
| Field | Description |
|---|---|
| Role Name | Must be unique across the entire account |
| Description | A plain-language summary of what this role is for |
| App permissions grid | For each app installed in your account, check the permissions this role should have: Create, Read, Update, Delete |
⚠️ Non-obvious: A newly created role applies to all users assigned that role — not just the user being created right now. Create a new role only when you genuinely need a new permission profile, not just to customize one user.
Section 4 — Discount Classes
Used for e-commerce and parts pricing contexts. Leave blank if not applicable.
| Field | Description |
|---|---|
| Default Class Discount (In %) | The baseline discount percentage applied to this user's parts orders |
| Class A Discount (In %) | Discount rate for Class A pricing tier |
| Class B Discount (In %) | Discount rate for Class B pricing tier |
| Class C Discount (In %) | Discount rate for Class C pricing tier |
Section 5 — Pre-Install Apps (Optional)
A grid of all apps available in your account. Check the apps you want automatically installed for this user when the account is created.
⚠️ Non-obvious: Pre-installing an app does not grant permissions to use it — that is controlled by the user's Role. Pre-installing makes the app appear in the user's sidebar navigation. A user who has an app installed but lacks Read permission in their role will see the app but may get an error or empty screen when they open it.
Form Buttons
| Button | Description |
|---|---|
| ✕ CANCEL | Discards all entries and returns to the Users List without creating a user |
| 💾 SAVE | Submits the form, creates the user, and sends them a temporary password by email |
🔍 User Detail View
Click any user row in the Users List to open that user's detail view. The breadcrumb shows: Users / [email address]
A ✏️ pencil icon in the top-right corner opens the Update User form.
📱 Apps Tab
Lists every app currently installed for this user.
| Column | Description |
|---|---|
| App | Name of the installed app |
| Status | Installed (green badge) |
| Version | The version number of the installed app |
🔑 Roles Tab
Shows the app-by-app permission matrix for this user's assigned role.
| Column | Description |
|---|---|
| App | Name of the app the permission applies to |
| Create | ✅ Checked = user can create records. ☐ Unchecked = cannot create |
| Read | ✅ Checked = user can view records. ☐ Unchecked = cannot view |
| Update | ✅ Checked = user can edit records. ☐ Unchecked = cannot edit |
| Delete | ✅ Checked = user can delete records. ☐ Unchecked = cannot delete |
⚠️ Non-obvious: The Roles tab is read-only here. To change what a user can do, assign them a different role or create a new role via the Update User form. Editing the role here would affect all other users sharing that role.
🛡️ Security Groups Tab
Lists all security groups currently assigned to this user.
| Column | Description |
|---|---|
| Name | The name of the security group |
| Description | A plain-language explanation of what the security group governs |
📊 User Activity Tab
An audit log of this user's platform activity.
| Column | Description |
|---|---|
| Event Type | The type of action the user performed (e.g., login, data access) |
| Event Time | Date and time of the event |
| City | The city from which the action was performed |
| Country | The country from which the action was performed |
| IP Address | The network address associated with the action |
⚠️ Non-obvious: The User Activity tab is the audit trail for security and compliance purposes. If a user's account shows unexpected activity from an unfamiliar location or IP address, this tab is where you would detect it. Activity records cannot be deleted from the platform.
✏️ Update User Form
Click the ✏️ pencil icon on any user's detail view to open the Update User form. The form has the same five sections as Create User, with the following differences:
| Field | Behavior on Update |
|---|---|
| Email Address | Read-only. Email cannot be changed after account creation. |
| Security Groups | Existing groups shown as pre-selected chips. Remove a group by clicking ×; add new ones from the dropdown. Removing a group immediately removes that user's access to related assets and data. |
| User Role — SELECT | Current role shown in the dropdown. Swap to any other existing role. |
| User Role — CREATE NEW | Creates a new role and reassigns this user to it. The old role relationship is removed. |
| Pre-Install Apps | Currently installed apps shown as checked. Uncheck to uninstall; check to install. |
🎭 User Impersonation
Impersonation lets authorized administrators temporarily act as another user — for troubleshooting, support, or operational verification — without needing that user's password.
Who Can Impersonate Whom
| Your Role | You Can Impersonate |
|---|---|
| Super Administrator | Administrators, Org Administrators, and all standard users |
| Administrator | Org Administrators and all standard users |
| Org Administrator | Standard users within the same organization only |
| Standard Users | Cannot impersonate anyone |
Starting an Impersonation Session
- Locate the user in the Users List.
- Click the 👤 + icon in the Action column for that user row.
- A confirmation dialog appears. Confirm to begin the session.
- The platform now operates as that user — all data, apps, and permissions reflect the impersonated user's account.
During Impersonation
- An Exit Impersonation option appears in your Profile menu.
- All actions performed during the session are scoped to the impersonated user's data.
- The session is visually distinct to remind you that you are not operating as yourself.
Ending an Impersonation Session
| Method | What Happens |
|---|---|
| Click Exit Impersonation in the Profile menu | Session ends immediately; you return to your own account |
| Log out of the platform | Impersonation ends and you are logged out entirely |
| Session token expires | Impersonation ends automatically; you return to your own account |
Impersonation Rules
| Rule | Detail |
|---|---|
| ❌ No self-impersonation | You cannot impersonate your own account |
| ❌ No nested impersonation | You cannot start a new impersonation session while one is already active |
| ❌ No privilege escalation | You can only impersonate users at a lower role level than your own |
| ✅ Authorized users only | The 👤 + icon is only visible to roles permitted to impersonate |
⚠️ Non-obvious: Any changes made during an impersonation session (edits, status updates, comments, etc.) are recorded as actions by the impersonated user, not by you. If you need an audit trail showing that an administrator made a change on behalf of a user, document it externally before beginning the session.
🔄 Workflows
Workflow 1 — Create a New User
- Open Users from the Settings menu.
- Click the + icon in the Users List toolbar.
- Section 1 — User Details: Enter First Name, Last Name, Email, User Type, Parent User, and Organization Name.
- Section 2 — Security Groups: Select one or more security groups. This determines what assets and data the user will see.
- Section 3 — User Role: Click SELECT to assign an existing role, or CREATE NEW to define a new permission profile.
- Section 4 — Discount Classes: Fill in if applicable.
- Section 5 — Pre-Install Apps: Check all apps this user should have access to from day one.
- Click SAVE. The user is created and an email with a temporary password is sent automatically.
✅ Result: The new user appears in the Users List and the User Hierarchy. They can log in immediately using the temporary password sent to their email.
Workflow 2 — Update a User's Security Groups or Role��
- Open Users and click the user's row to open their detail view.
- Click the ✏️ pencil icon to open the Update User form.
- Security Groups: Add new groups by selecting from the dropdown. Remove groups by clicking × on existing chips.
- User Role: Switch to a different role using the SELECT dropdown, or create a new role using CREATE NEW.
- Click SAVE.
✅ Result: The user's data visibility and app permissions update immediately. No re-login is required by the user.
Workflow 3 — Review What a User Can See and Do
- Open Users and click the user's row.
- Click the Apps tab to confirm which apps are installed for this user.
- Click the Roles tab to review the Create/Read/Update/Delete permission matrix for each app.
- Click the Security Groups tab to see which data groups this user belongs to.
- Cross-reference: if a user reports they cannot see certain data, check Security Groups. If they cannot perform an action, check the Roles permission matrix.
✅ Result: You have a complete picture of the user's access without needing to contact them or test their account directly.
Workflow 4 — Bulk Create Users
- Click the + icon in the Users List toolbar.
- Click the CREATE BULK USERS tab at the top of the form.
- Click DOWNLOAD TEMPLATE FILE and open the downloaded spreadsheet.
- Fill in one row per user following the column headings in the template.
- Save the completed file and return to the form.
- Click UPLOAD USERS FILE and select your completed file.
- Confirm the upload.
✅ Result: All users in the spreadsheet are created at once, each receiving a temporary password by email.
Workflow 5 — Troubleshoot a User's Access via Impersonation
- Open Users and locate the user reporting an issue.
- Click the 👤 + Impersonate icon in the Action column.
- Confirm the impersonation session in the dialog.
- Navigate through the platform as that user to reproduce the issue they are experiencing.
- When the issue is identified and resolved, click Exit Impersonation from the Profile menu.
✅ Result: You have seen exactly what the user sees, can diagnose access or data issues accurately, and have exited cleanly back to your own session.
✅ Best Practices
- Assign security groups before saving a new user. A user without a security group will see no assets or data anywhere on the platform — even if all apps are installed. Security group assignment is the single most important step in user setup.
- Use existing roles rather than creating new ones for each user. Create a new role only when you need a genuinely new permission profile. Assign multiple users to the same role so permission changes can be made in one place.
- Review the User Activity tab regularly for unusual login locations. If a user account shows logins from unexpected cities or IP addresses, investigate immediately.
- Do not impersonate a user to make routine changes on their behalf. Changes made during impersonation are logged as the impersonated user's actions. Use the Update User form for standard administrative changes so the audit trail is accurate.
- Use bulk user creation for onboarding large groups. If you are adding more than a few users at once, the DOWNLOAD TEMPLATE FILE / UPLOAD USERS FILE workflow is significantly faster and reduces data entry errors.
- When removing a security group from a user, confirm the impact first. Removing a security group immediately removes access to all assets and related data in that group. Review the Security Groups tab before saving.
💡 Tips & Shortcuts
| Tip | How |
|---|---|
| Find a user quickly | Use the 🔍 search bar and type the user's name or email address |
| See a user's full access profile in one view | Open the user detail and tab through Apps → Roles → Security Groups in sequence |
| Diagnose "I can't see my assets" issues | Check the Security Groups tab — a missing or wrong group is the most common cause |
| Diagnose "I can't edit/delete" issues | Check the Roles tab — the relevant app's Update or Delete checkbox is likely unchecked |
| Confirm a new user received their invitation | Check the Last Login column — "Never" means they have not yet logged in |
| Change a user's org hierarchy position | Open Update User and change the Parent User dropdown |