Manage User Accounts

This page provides details for managing users in the Account Management Portal.

Every user employs the same sign-in for both the Account Management Portal and specifically assigned Tenants.

User Management Overview

The Accounts Management Portal allows Company Admins and License Admins to create users, globally manage user accounts, and assign Tenants through the User Management UI.

For SaaS Controller Tenant user account administration, editing a user account through the Account Management Portal affects the user for all Splunk AppDynamics components and some Controller Tenant rights simultaneously. Managing a user account through a Controller Tenant UI affects permissions for that Tenant only.

Every Splunk AppDynamics user that you register has subscription-based access to Splunk AppDynamics University and unlimited access to Splunk AppDynamics Community for FAQs and user forums. See Splunk AppDynamics SaaS User Management.

User Status

A user account can have one of three possible statuses:

  • Active—user has a valid email account that authenticates with either the Cisco Customer Identity (IdP) or your custom IdP.
  • Pending—user is in the system, but they did not yet validate their email.
  • Inactive—user cannot access Splunk AppDynamics components.
Active

Pending

Inactive

When you create a user that authenticates through the Cisco Customer Identity (IdP), they receive a time-sensitive email prompting them to activate their account by creating a username and password. A user is in Pending status until they complete the activation process.

Once complete, the user can perform certain functions according to their assigned company role. However, they do not have access to a Tenant until or unless an administrator adds the user account to a Tenant.

Editing functions become visible according to user status. Click the appropriate UI icon to perform the described function.

User Types

Splunk AppDynamics users can be Company Users or Guest Users. Company Users belong to one organization that has a Splunk AppDynamics account. The Company Administrator owns and manages the Company User's access, roles, and life cycle. The Company Administrator can also add Guest Users, grant them access to tenants, and assign them roles without configuring the Guest User authentication or manage the user's life cycle.

This table outlines the differences between the two user types:

User TypeUse CasesRequirementsTenant Access
Company User Employees within the same organization who need long-term access to the company's AppDynamics account and tenants.
  • Valid and unique email address
  • Authentication method such as SAML or LDAP
  • Assignment to one or more tenants

  • Assigned or default role

Company Users sign in to their company's AppDynamics account through the authentication configured by the Company Administrator. From the company's AppDynamics account, Company Users can launch Observability Platform tenants owned and managed by the company.

When a Company User leaves the organization, their access to the company's AppDynamics account is typically deactivated to maintain security.

Guest User *

  • Users from a different AppDynamics account who need temporary access.
  • Support teams need access to your tenant to resolve issues.
  • External consultants, contractors, or third-party organizations require access to your account's and tenant's data and resources.
  • Co-workers in different departments or organizations can access a tenant for a project.
  • External auditors need temporary access to the company's AppDynamics account to review data and compliance procedures.
  • Valid and unique email address
  • Member of another company's AppDynamics account
  • Assignment to one or more Observability Platform tenants

Like Company Users, Guest Users sign in to their company's AppDynamics account through the authentication configured by the Company Administrator. From their company's AppDynamics account, Guest Users can also launch tenants where they have been added as Guest Users.

When a Guest User leaves the organization, their access to the company's AppDynamics account is also typically deactivated to maintain security. Because Guest Users sign in with the authentication configured by their Company Administrator, they also lose access to non-company AppDynamics accounts.

Note: Company Administrators can revoke the Guest User's access to their company's Observability Platform tenants, but they cannot deactivate the user or modify the user's information.

*You can only add Guest Users on Observability Platform tenants. Company Administrators for Splunk AppDynamics SaaS and on-prem deployments do not have the option to add Guest Users.

Create New Users

The steps for creating new users depend on the Splunk AppDynamics products. Follow the steps for your licensed product:

Splunk AppDynamics SaaS

Splunk AppDynamics On-Premises

See Manage Controller Users and Groups.

Before You Begin

When creating a new user, Splunk AppDynamics recommends:
  • Using only ASCII characters for user names and passwords because of browser incompatibilities.
  • Choosing at least one role for the new user. Although it is possible to assign a role after creation, the user has very limited functionality until a role is assigned.
    Attention: Only users with Company Admin or License Admin roles can create new users. When we provision a new license for you, we automatically provision a new License Admin user account for that license.

Create a User

  1. Sign in to your Account Management Portal.
  2. Navigate to Access Management > User Management.
  3. Select Company Users.
  4. Click and select Add a Single User or Add Multiple Users.

    • To add a single user, enter the user email and, optionally, the user name.

    • To add multiple users concurrently, paste or type a list of user emails. The system ignores existing emails.

  5. Click Submit. If you see the following message, continue to Step 10.
    The user email you entered is owned by another company. This user will be added to your account as a Guest User when you click Next.
  6. (Optional) Enter the first and last name of the user.
  7. Select an IdP option through Authenticated By:
    • Cisco Customer Identity — Cisco acts as the Service Provider. The user name must already exist as a Cisco Identity.

    • My IdP— the user authenticates through your Service Provider. The user name must already exist in the IdP database.

  8. Optionally, select one or more Company Roles.
    • Company Admin— can create and manage users, assign roles/licenses/Tenants, and configure company preferences.
    • Support— can open and manage Support requests with AppDynamics.

    • License Admin— can view and assign licenses on Controller Tenants to which they have access rights.

      Note: If you do not select a role, the user defaults to the Company User role with limited account access. See User Permissions Matrix.
  9. Click Next.
  10. Add Tenants to User as follows:
    1. From Add a User > (2) Assign Tenants, select the tenant names that you want the user to access.
    2. (Required) Add the user to one or more tenants.
    3. Click Create & Next.
    4. From (3) Assign Tenant Roles,clickClose.
    5. Click Assign.
    1. From the Assign Roles dialog, check the desired roles from the Default Roles and Custom Roles tabs.
    2. Click Save.
    3. Click Close.

Manage Existing Users

You can create and manage company users and guest users. See User Types to understand the differences.

Company Users

Edit

The Edit UI allows Company Admins and License Admins to edit Company Roles accordingly. See Company Role Options.

Note: You cannot edit the email address because it is the user's primary system security identification and user name for logging in.
  1. Navigate to Access Management > User Management.
  2. Select Company Users.
  3. Select a user and clickEdit.
  4. Update Basic Information as necessary.

  5. Optionally, update available Company Roles.

  6. Click Save.

The user you update must refresh their browser to view the edits.

Bulk Edit

The Edit UI allows Company Admins and License Admins to edit Company Roles accordingly. See Company Role Options.

Note: You cannot edit the email address because it is the user's primary system security identification and user name for logging in.
  1. Navigate to Access Management > User Management.
  2. Select Company Users.
  3. Select two or more users and click Edit.
  4. From the Access dropdown, select one of the following:
    • Change Authenticated Method- You can change the method for authenticating the user to an Identity Provider (IdP) or the Cisco Customer Identity. If you have set up SAML for the user, you will want to select the IdP used for the SAML configuration.
      1. Select an authentication method for the users.
      2. Click Primary.
      3. From the confirmation message, click Click here for more detailsto view the Status Report dialog.
    • Assign Platform Tenants to Selected Users- You can add users to one or more Observability Platform tenants and assign the users to roles.
      1. Select the tenants that you want the users to access.
      2. Click Next.
      3. Click Edit next to the tenant where you want to assign one or more roles.
      4. From the Assign Roles dialog:
        1. Select the default roles from the Default Roles tab that you want to assign to the user.
        2. Select the custom roles from the Custom Roles tab that you want to assign to the user.
      5. Click Save.

  5. Click Save.

Filter

You can view only users with certain Roles, Statuses for Controller Tenant assignments using the Filterpanel. If you select multiple Tenants, the filter displays all users for each Tenant cumulatively.

  1. Navigate to Access Management > User Management.
  2. Select Company Users.
  3. Click Filterto open the Filter panel.
  4. Check the box next to the desired options.

  5. Click Apply.

Activate/Inactivate
Warning: Inactivating users will prevent them from logging in to any Splunk AppDynamics role-based component, including all associated Tenants.

You can only activate a user that has Inactive status. You can only inactivate a user that has Active status. Pending users do not have Active status by default.

To activate a user:

  1. Select one or more users with the Inactive status.
  2. Click Activate.
  3. Verify that you want to continue.The user retains access to appdynamics.com and related services.

To inactivate a user:

  1. Select one or more users with the Active status.
  2. Click Inactivate.
  3. Verify that you want to continue.The user remains inactive until the admin either deletes or deactivates the account.
Delete

When you delete a Controller Tenant user through the Controller Tenant UI, their account is still in Active status in the Account Management Portal. This ensures the user can still access other Controller Tenants to which they may have access rights.

Warning: Deleting a user in the Account Management Portal is permanent and is not reversible.

You can only delete a user with Inactive status. Users with Active status must be set to Inactive before you can delete them.

  1. Select one or more users with the Inactive status.
  2. Click Delete
    .
  3. Click Delete to verify the action.Splunk AppDynamics emails the user notifying them that their account is no longer available.

Guest Users

Filter

You can view only users with certain Roles, Statuses for Controller Tenant assignments using the Filter panel. If you select multiple Tenants, the filter displays all users for each Tenant cumulatively.

  1. Navigate to Access Management > User Management.
  2. Select Guest Users.
  3. Click Filter to open the Filter panel.

  4. Check the box next to the desired options.

  5. Click Apply.

Remove

You can only remove a Guest User from a tenant. Youcannotdelete the user permanently. If you accidentally remove a Guest User from a tenant, you can always re-add the Guest User to the tenant.

  1. Navigate to Access Management > User Management.
  2. Select Guest Users.
  3. Select a user and click Delete
    .
  4. From the Remove Guest User from Tenant dialog, click Continue.
    Note: Splunk AppDynamics emails the user notifying the Guest User that he or she has been removed from the tenant.

User Roles and Permissions

User Roles and Permissions

Role Options

A role is a collection of permissions defining actions a user can perform within the Splunk AppDynamics-managed environment. There are several company roles available:

RoleFunctionality
Company Admin
  • Has the highest level of access.
  • Can administer a Tenant.
  • Can view all licenses or Tenants the company owns.
License Admin
  • Requires one user per Tenant is set as a Primary Contact with Splunk AppDynamics.
    • You designate this user during initial Tenant provisioning and only Splunk AppDynamics can modify it.
    • This user is set to receive maintenance and license notifications.
  • Can only view and administer licenses for a license to which they have access.
  • Can administer Splunk AppDynamics SaaS tenants when assigned as Primary Contact during provisioning.
  • Can administer Observability Platform tenants when assigned as Primary Contact during provisioning and when delegated by Company Admin.

  • Can add or remove License Admins on the same license (unless that admin is the Primary Contact).

To remove the Primary Contact from the role, you must open a support request with Splunk AppDynamics and provide a new Primary Contact for the license.

Support

Provide users with the ability to open and manage support requests with Splunk AppDynamics.

Tenant User

  • Every user has this role when you grant them access to any Tenant.

  • Is the most basic user role. Specific permissions for this user are set at the Tenant level. See Assign Tenant Roles, SaaS User Management, and Manage Custom Roles for Splunk AppDynamics.

  • Shows only once per user regardless of how many Tenants they are associated with.

Company User (default)

Users default to this role if you do not select a specific role for them.

  • Can access Community and University.
  • Can view account details.
  • Can manage their profile and notifications.
Observability Platform Tenant-specific Roles

These predefined roles allow administrators to define a user's actions in the Observability Platform tenant. They are Observability Platform tenant-specific with default permissions set and are not editable.

Note: Cisco Observability Platform modules can also create roles through Solution Principals. Thus, if you subscribe to modules for Cloud Native Application Observability, you may see other roles in the Account Management Portal.
RolePermissionsSupported Assignees
Agent
  • Can post MELT data through the Common Ingestion Service API.
  • Can access other APIs meant for agent consumption.
  • User
  • Service Principal
  • Agent Principal
Config Manager
  • Inherits Troubleshooter Tenant role permissions.
  • Has full access to configure alerting, data sources, and other integrations.
  • Cannot perform administrator functions such as adding users to a tenant, modifying another user's access, or creating new service principals.
  • User
  • Service Principal
Observer (Default)

Only has read-only access, but may not necessarily have access to read privileged information such as access configurations.

Users default to this role if you do not select a specific role for them.

  • Has read-only access to metrics, events, logs, and traces (MELT) data.
  • Cannot view configuration details.
  • User
  • Service Principal
Tenant Administrator

A Tenant Administrator can access everything on a tenant except a public API that is not mapped to a permission.
  • User
Troubleshooter
  • Inherits Read Only Tenant role permissions.
  • Can manage health rules.
  • Can respond to system alerts.
  • Can troubleshoot issues.
  • User
  • Service Principal

Role Permissions

This table provides global role permissions for Splunk AppDynamics users. To review Observability Platform tenant-specific role permissions, navigate to Access Management > Observability Platform tenant Roles, click on a role, and review the Permissions list.

Permissions Company AdminLicense AdminSupport User Tenant User Company User

Add User

Edit User Name

Edit User Status

Delete User

Configure SAML

Assign Company Admin Role

Assign License Admin Role

Assign Support Role

Manage Service Principals

View Professional Services Projects

Assign Education Subscriptions

Edit License MAC Address

View License Usage

Assign Licenses

Launch a Tenant

Log in to an assigned Tenant

View Open Tickets

Create a New Ticket

View Active Resources

Access Downloads

View Account Details

Access Splunk AppDynamics University

Access Splunk AppDynamics Community

Manage Profile

Customize Notifications