This option allows the System Administrator to invite new Administrative Users and Business Users to their organization. Each user will have a specific role assigned in the organization based on which they will have the privilege to maintain the system or interact with New Hires.
What are the roles a System Administrator can assign to the user?
A System Administrator can assign any of these roles to a user that they invite.
| User Type | User Roles | Description |
|---|---|---|
| Administrative Users | System Administrator |
|
| Process Administrator |
| |
| Content Administrator |
| |
| Business Users |
| |
| HR Specialist |
| |
| Help Desk Analyst |
| |
| I-9 Specialist |
| |
| E-Verify Specialist |
| |
| Authorized Representative |
|
To be able to add a new user/contact, the System Administrator must have completed their own Self Registration and User Onboarding, as well as the Organization Onboarding process (if they are the first System Administrator).
Note: Users logging in through SSO will also have the "Add New User/Contact" button enabled on their Manage User setup page so that they can add non system user contacts in their organization. For details please refer the last section of this page.
Who has access to add a new user/contact?
Only users with System Administrator role can add users and contacts to the system.
There are two ways to access "Add New User/Contact" button as a System Administrator:
| 2 Ways to Access Add New User/Contact |
|---|
Menu Icon: The Menu Icon is used to display all relevant actions the current user is able to perform. |
Quick Links: If you are user you are able to access this page through the Quick Link 'Manage Users/Contacts.'  *Note: your organization can remove this link but it is provided as part of our delivered home page. |
Access Via Menu Icon:
Every action a user can perform can be found by using the Menu icon. The Menu icon can be found in the upper left hand corner of the page. Click the Menu icon, and navigate to 'Manage Users/Contacts' under 'Users/Contacts'.
| Menu |
|---|
|
Access Via Quick Links:
On the System Administrator home page, you can select 'Manage Users/Contacts' through the Quick Links bar located below the banner photo. These links change depending on the current user's role.
| Home Page with Quick Links |
|---|
|
Manage Users/Contacts Console
After navigating to the 'Manage Users/Contacts' page, click the Add New User/Contact button.
Manage Users/Contacts Console |
|---|
|
What makes up the Invite/Edit User page?
The Invite/Edit User page consists of 4 sections: Personal Information, Roles, Row Level Security and Authorized Lookup Security. The following example shows adding a system user to the organization.
While filling this form, make sure the required fields are entered.
| Invite/Edit User Page |
|---|
|
The validation messages trigger if any of the required field is not entered.
|
Personal Information
The following personal information must be entered for the user.
Field | Required | Behavior |
|---|---|---|
First Name | Yes |
|
Last Name | Yes |
|
Email ID | Yes |
|
Phone | Yes |
|
| System User |
|
The values entered in the fields are validated and appropriate messages are displayed when the value entered in the fields are invalid.
Few of them are given below:
| When Invalid characters are entered in First Name/Last Name |
|---|
|
Email validations:
| when '@' or '.' is missing |
|---|
|
| when a character is missing between '@' and '." |
|---|
|
| when only one character exists after '.' |
|---|
|
| when invalid characters entered in email domain |
|---|
|
| when invalid character is entered in the local part of the email address |
|---|
|
| when two '@' signs are entered |
|---|
|
Phone validations:
| when phone number is not in number format |
|---|
|
| when phone number is not 10 digits |
|---|
|
Onboarding - Roles / Smart I-9 E-Verify Roles
The following role or roles must be defined for the user. A user can be assigned more than one role from the above list.
Field | Behavior |
|---|---|
Smart Onboarding - Roles (Required) | Defines the role of the user:
|
Minimum Role Requirement: Each of these following roles must be assigned to at least one user. The other roles are available, but not required.
- System Administrator
- HR Specialist
- I-9 Specialist
- E-Verify Specialist (if using E-Verify)
When "System User" is checked, a role must be assigned to the user. Otherwise, an error message displays as below:
| when "System User" is checked |
|---|
|
If the user has been assigned the same role for the same product multiple times, the below message will be displayed when saving the user profile or inviting the user.
|
Note: System users can also be added with no role assigned when creating an invitation. Later, the user's profile can be modified to add the onboarding/Smart I-9 E-Verify roles. For more details on modifying the user's profile, please click here.
In this example, a user is created with "No Role Assigned" option in Onboarding - Roles.
|
| User details in Manage Users/Contacts |
|---|
|
Since the user has no roles assigned to his/her profile, the user will not see any activities when they are logged in after completing their self-registration.
 |
If the user need to complete their pre-boarding activities, they need to click on the user name on the top right corner of the menu and select "My User Onboarding" option.
The user will be able to complete the pre-boarding activities, but cannot perform any tasks until a role is assigned to them.
|
Row Level Security
The System Administrator is required to enter all fields in the Row Level Security Section. These define the range of the user’s interactions. These fields will determine the consoles that appear in the 'Authorized Security Lookup' section.
Field | Behavior |
|---|---|
Company (Required) | Enter or Search for the Security Group that is associated with the Company attribute Used to define the Company(s) with which the user will be able to interact |
Business Unit (Required) | Enter or Search for the Security Group that is associated with the Business Unit attribute Used to define the Business Unit(s) with which the user will be able to interact |
Department (Required) | Enter or Search for the Security Group that is associated with the Department attribute Used to define the Department(s) with which the user will be able to interact |
Location (Required) | Enter or Search for the Security Group that is associated with the Location attribute Used to define the Location(s) with which the user will be able to interact |
In the lookup any Security Group that has been defined for the corresponding attribute can be specified. This allows the System Administrator to define the scope of the user as required.
| Security Group Look Up for Business Unit |
|---|
|
*Note: All fields default to allowing access to all values.
Authorized Security Lookup
The System Administrator has the option to enter a value for any of the fields in the Authorized Security Lookup. This section uses Security Group look ups, just as the fields in Row Level Security. If a value is entered, the user only sees the attribute values that are associated with the specified Security Group when they are prompted for the attribute.
| Role | Effect of Security Group Lookup Fields |
|---|---|
System Administrator Process Administrator Content Administrator | Will alter the values shown in the Attribute Revisions |
HR Specialist Recruiter | Will alter the values shown on the New Hire Invitations |
The following fields can have authorized security lookup.
Field (Optional)* |
|---|
Action |
Reason |
Regular/Temporary |
Full/Part Time |
Company |
Business Unit |
Department |
Location |
Operating Unit |
Job Code |
Employee Class |
Appointment Type |
Client ID |
Pay Group |
Salary Plan |
Salary Grade |
Employee Type |
Comp. Frequency |
Comp. Rate Code |
Earnings Code |
Tax Location Code |
Employment Agreement |
Hire Template |
User Defined Attribute |
*Note: All fields default to allowing access to all values.
Save and Invite
There are two ways that a System Administrator can invite a user:
| Way to Invite User to system | Description |
|---|---|
Click Invite at the bottom of the 'Invite/Edit User' page |
This option should be used if you want to invite the user immediately. |
| Click Save at the bottom of the 'Invite/Edit User' Page, then click Invite at a later time. |
This option should be used if you want to add the user to the system, but launch the invitation at a later time. |
Note: In SSO based Organizations (users logging in through SSO), the users will not have the ability to invite users through Manage Users/Contacts but can create non-system users. For more details on creating non-system users, please refer to last section on this page.
If you have saved the invitation without inviting, you can invite the user at a later time. Navigate to 'Manage Users/Contacts', search for the user you saved, click on "Actions", and then click "Invite".
The Onboarding Status for the invitations that are not launched will be in "Invitation Created" status.
|
Click on 'Yes' to confirm the action.
|
The following message confirms the invitation has been sent to the user.
|
The Onboarding Status of the user's invitation changes from "Invitation Created" to "Invitation Launched" in the Manage Users/Contacts page.
|
The email received by the user will be as follows. By clicking on 'Start Onboarding' link the user can self register and create their login account.
|
How to complete Self Registration & User Onboarding?
Enter User ID and Password and click on 'Register Now' to create account login.
|
The following message confirms the account is created.
|
Once the self registration is completed, the onboarding status of the user in Manage Users/Contacts shows as 'Invitation In Progress'.
|
Now user can use the above created credentials to login into the system.
When the user logs in into the system initially, they must complete the User Onboarding process. This is a one-time process and only after completing this, the user will get access to the system.
|
The user may encounter additional verification steps (Challenge questions, two factor authentication or e-Pin verification) in case the fields are enabled in Authentication Preferences.
The welcome page shows as below. Click on 'Get Started'.
|
Acknowledge and complete Electronic Disclosure.
|
This completes User Onboarding. Logout and log back in to access the system.
|
The user will receive the following email after the User Onboarding is completed. By clicking on the link provided in the email, the user can login into the system.
|
Also, the onboarding status in Manage Users/Contacts shows as 'Invitation Completed' for the user.
|
After logging in, the user can start using the system features specific to their role.
|
Note: If the user is the initial System Administrator for the organization, then the user must also complete Organization Onboarding after this. For more details on this process, please click here.
How to limit a user's access to candidate data in consoles and dashboards?
To limit a user's access to candidate data in consoles and dashboards, customize the row-level security based on the specific attribute for Company/Business Unit. This configuration can be established during the creation of a new user or modifying an existing user.
Based on the requirement, security can be set up for Company/Business unit, to ensure that the user has limited access to data as mentioned in the row level security. Row level security can be established for an existing security group or by creating a new security group. For more details on creating a security group, please click here.
An example of row level security defined for Company attribute is given below.
|
How to add a non-system user in Manage Users/Contacts?
A non-system user cannot perform any activities in the system, but can act as a contact in the organization. When this user's contact ID is added as support contact in the Organization Management, the information associated with the user (name, phone and email) shows as contact information in system emails that are sent out to the users. To create the Contact ID for this user, you need to first add the user in Manage Users/Contacts.
Click on 'Add New User/Contact' button provided on the top right corner of the Manage Users/Contacts page.
|
In 'Invite/Edit User' page, enter the required user details (First Name, Last Name, Email ID and Phone). Note: If invalid values are entered in these fields, the corresponding validation messages trigger on the page.
After entering the user details, uncheck 'System User' checkbox and save. There is no need to enter the user roles for non-system users.
Note: You may also enter the roles if needed.
|
This generates a Contact ID for the user as shown below:
| Manage Users/Contacts |
|---|
|
| Invite/Edit User page |
|---|
|
Now, add the above generated Contact ID in 'Support Contact' field in the Organization Management and save.
|
This adds the user as support contact in the organization and the name, phone number and email information associated with the user will be shown in emails sent out by the system.
A sample email is given below:
| Email sent out to the user when password is successfully changed |
|---|
|
What are Contact Attributes?
Any additional information that you want to save about the user can be added in Contact Attributes.
|
How do you add Contact Attributes?
When you click on the "Contact Attributes" button, a page will open to add the information. Enter Field Name and Field Value as given below.
|
Click on "Add Contact Attribute" to add attributes.
|
Click "OK". When the page navigates to the user page, save the changes.
|
The information entered here can also be accessed or altered by navigating to the user page via Elastic Search.
Select "Contact Search" as Category and enter user name as the keyword in the "Keywords" field. Click Search. This will show the user details in search results page.
Click on the hyper link showing Contact ID/User Name.
|
This will present the user details page as shown below. Click on the "Contact Attributes" button on top of the page to open the attribute details.
|
The saved attribute values display on the page as given below.
|
Can you invite users with only Authorized Representative role?
Users with only Authorized Representative role cannot be invited through Manage Users/Contacts. When the user details are created with only "Authorized Representative" role and the "Invite" button is clicked on the Invite/Edit User page to send an invite to the user, the following error message will display on the page.
Note: However, they can be invited from Manage Users/Contacts if they have other Business User role(s) such as HR Specialist/I-9 Specialist/E-Verify Specialist.
|
| Error message |
|---|
|
In this case, the user invitation will be saved and visible in Manage Users/Contacts but the invitation cannot be sent to the user. When "Invite" option is selected from "Actions" to send an invite to the user, the error will display as follows.
|
Click on "Yes" to continue.
|
The error message displays as below:
|
Users with exclusive Authorized Representative role can be invited only when an I-9 is assigned to them from I-9 Section 2/3. For more details, please click here.
When an I-9 is assigned and invitation is sent to an Authorized Representative from I-9 Section 2/3, the user details will be added under Manage Users/Contacts as shown below. If the user has not responded to their invitation email by completing their self registration, the email invitation can be re-sent to them via "Resend Registration" action under "Actions" link.
|
A sample email notification sent to these users is given below:
|
How users logging in through SSO can add new users/contacts?
The users logging in through SSO will have a "Add New User/Contact" button on the Manage User Setup page to add contacts. This option supports creating non-system users with contact details (email and Phone number) but no roles and security. It is useful when SSO users need to create non system users to add as support contacts in the organization.
|
Note that the security options are not displayed on the Invite/Edit User page. Enter user details, keep "System User" option unchecked and click Save.
|
After save, the Contact ID is generated for the user.
|
When searched for the contact in Manage Users/Contacts setup the user contact shows as below:
|
If you want to add the user as support contact, use the above generated Contact ID in the Organization Management. For more details, please click here.
|
