Create a User Account

Required User Role: Administrator

On the Users page, you can create an account for a new user.

Tip: Looking for account creation via a SAML IdP? See the SAML documentation.
Note: User accounts expire according to when the Tenable Vulnerability Management container they belong to was created. Tenable controls this setting directly. For more information, contact Tenable Support.

To create a user account:

  1. In the upper-left corner, click the Menu button.

    The left navigation plane appears.

  2. In the left navigation plane, click Settings.

    The Settings page appears.

  3. Click the Access Control tile.

    The Access Control page appears. On this page, you can control user and group access to resources in your Tenable Vulnerability Management account.

  4. Click the Create User button.

    The Create User page appears.

  5. Configure the following options:

    Note: To view and configure options in each section, you must select the section in the left menu.

    General Section
    Full NameType the first and family name of the user.

    Type a valid username.

    A valid username must be in the format:


    where domain corresponds to a domain approved for your Tenable Vulnerability Management instance.

    Note: During initial setup, Tenable configures approved domains for your Tenable Vulnerability Management instance. To add domains to your instance, contact your Tenable representative.

    Note: Tenable Vulnerability Management usernames cannot include the following characters:
    ', !, #, $, %, ^, &, *, (, ), /, \, |, {, }, [, ], ", :, ;, ~, `, <, > and the comma "," itself.

    Type a valid email address in the format:

    name@domain where domain corresponds to a domain approved for your Tenable Vulnerability Management instance.

    This email address overrides the email address set in the Username box. If you leave this option empty, Tenable Vulnerability Management uses the Username value as the user's email address.

    Note: As an Administrator, you can create user accounts with email addresses from unapproved domains. Once a user account is created, you can only change the email address to another approved domain.


    Type a valid password. See Password Requirements for more information.

    In Tenable Web App Scanning, passwords must be at least 12 characters long and contain the following:

    • An uppercase letter
    • A lowercase letter
    • A number
    • A special character
    Verify PasswordType the password again.

    In the drop-down box, select the role that you want to assign to the user.


    Select or deselect the available security setting options. When selected, these settings:

    Note: If you enable the Password Access or SAML options for a user with a custom role, the user automatically has basic access to your dashboards and widgets.

    • API Key — Allow the user to generate API keys.

      Tip: You can select only this setting to create an API-only user account.

    • SAML —Allow the user to log in to their account using a SAML single sign-on (SSO). For more information, see SAML.

    • Username/Password — Allow the user to log in to their account using a password.

      Note: If you deselect this option, you cannot select the MFA option.

    • Two-Factor Required — Require the user to provide two-factor authentication to log in to their account.

      Tip: You can configure two-factor authentication for your own account on the My Account page.

    User Groups Section
    User Groups

    Select the user group or groups to which you want to assign the user.

    By default, a new user belongs to the system-generated All Users user group, which assigns the user the Basic role.

    Add a user group:

    • Click anywhere in the User Groups box.

      A search box and drop-down list of roles appear.

    • (Optional) In the Search box, type a user group name.

      As you type, a list of user groups matching your search appears.

    • Click the user group you want to add.

      In the User Groups box, Tenable Vulnerability Management adds a label representing the user group.

    • Repeat these steps to add the user to another user group.
    Permission Section

    In the Permissions table, select the permission configurations you want to assign to the user.

  6. Click Save.

    Note: If you assign permissions to the user, the button appears as Add & Save.

    Tenable Vulnerability Management lists the new user account on the users table.