Adding users to Qlik Sense
The individual who creates the tenant is the Service Account Owner. If you are the Service Account Owner, you are also the first tenant administrator and only user who has access to the tenant. To add more users, you can either add them by configuring an identity provider (IdP), or by sending individual email invitations.
Adding users with an identity provider
If you have an IdP, you can create an IdP configuration in the Identity provider section of the Management Console.
To set up an identity provider, see Identity providers.
Adding users with email invitations
To send an invitation, you must be a tenant administrator. You can invite users to join the tenant by sending email invitations from the Users section of the Management Console or from your User profile menu. In the invitation window, you can list multiple email addresses separated by comma or space. When the user receives the email invitation, they have the option to join the tenant by clicking a link in the email. The email that the invited user receives contains a link, which is valid for a limited period. When the user clicks the link, they are redirected to a registration page.
The invitation status is shown as pending and the expiry date is displayed in the table on the Users page of the Management Console. When the user has registered, the status changes to active. If needed, you can resend or delete the invitation. If you delete the invitation, the user cannot register, even if the link has not expired.
Adding a user
Do the following:
- In the Management Console, go to the Users section, then click the Invite button.
Enter the email addresses of the users that you want to invite, then click Invite.Note:
You can delete an invitation from the Management Console.
Invited users are listed on the users section of the Management Console.
Managing users in the Management Console
When users are added to the tenant, they are listed on the Users section of the Management Console. Each user has a status depending on whether they are a fully registered user, a user who has been invited but not yet registered, or a user who has been deleted.
|Status||Description||Status can be changed to|
|Active||User is fully registered and can consume according to the user allocation. See Assigning user allocations.||Disabled|
|Pending||User is invited but has not yet registered.||Active|
User allocation is removed and that user cannot access their account or use the product.
All alerts owned by that user will be disabled as well.
The Users section displays all the users that have logged into the tenant. If a user has a certain user role, it is displayed in the roles field. The search option works for the fields: Name, User ID, IdP subject, and Email. The IdP subject field can be used for distinguishing one user from another if the names are identical and the email field is not visible.
For each user in the table, you have a button to the far right where you can assign and remove user roles, activate or disable users, and delete users.
Deleting a user from the tenant
You can delete active users or pending users from the Users section of the Management Console. Deleting an active user frees up a user allocation slot that can be assigned to another user. Deleting a pending user removes the user record from the system, and they won't be able to register through the email invitation. You can only delete one user at a time
Deleting a user
Do the following:
In the Management Console, open the Users section.
In the row for the user to be deleted, click the button ... to the far right.
Select Delete user to delete an existing user or Delete invitation to delete an invitee.
A delete confirmation is displayed.
What happens when you delete a user
Deleting a user has several implications beyond simply removing their entry from the users section of the Management Console. This section provides more detail about what happens to user information, data, and account information when a user is deleted.
What happens to user information of deleted users
When you delete a registered tenant user, all personally identifiable information is removed. In the Management Console, in the Users section, the Status column shows either Active or Disabled for a registered user. If a user is deleted while logged in to the tenant, the user session is invalidated.
What happens to a deleted user who is part of an IdP
When using your own identity provider, invalidating the user session does not prevent the deleted user from logging in again. If they attempt to do so, a new tenant user record is created. To prevent the user from logging in, they need to first be removed from the identity provider. If you have configured your own identity provider, you can remove the user yourself.
What happens to the Qlik Account of a deleted user
Users with Qlik Account cannot log in after being deleted from the tenant without being invited again. Removing a user from a tenant does not remove the user from Qlik Account.
What happens to unowned data
When a user is deleted, their spaces and apps no longer have an owner. The content associated with the user is not deleted. A tenant admin can assign new owners to spaces previously owned by the user. In the Spaces section of the Management Console, there is a button for changing owners.
Results of deleting an active or disabled user:
- User is no longer available in the tenant.
- API keys for the deleted user are revoked.
- User allocation is freed up for reassignment.
- Spaces now need the owner reassigned.
- Apps no longer have an owner.
- Management Console audit logs contain details of the deleted user event.
- Notifications are deleted.
- Alerts owned by the user are deleted.