Create a User Account
Required User Role: Administrator
On the Users page, you can create an account for a new user.
To create a user account:
-
In the upper-left corner, click the button.
The left navigation plane appears.
-
In the left navigation plane, click Settings.
The Settings page appears.
-
In the left navigation, click Settings.
The Settings page appears.
-
Click the Access Control tile.
The Access Control page appears. On this page, you can control user and group access to resources in your Tenable Web App Scanning account.
-
Click the Create User button.
The Create User page appears.
- Configure the following options:
Note: To view and configure options in each section, you must select the section in the left menu.
Option Action General Section Full Name Type the first and family name of the user. Username Type a valid username.
A valid username must be in the format:
name@domain
where domain corresponds to a domain approved for your Tenable Web App Scanning instance.
Note: During initial setup, Tenable configures approved domains for your Tenable Web App Scanning instance. To add domains to your instance, contact your Tenable representative.
Note: Tenable Vulnerability Management usernames cannot include the following characters:
', !, #, $, %, ^, &, *, (, ), /, \, |, {, }, [, ], ", :, ;, ~, `, <, > and the comma "," itself.Email Type a valid email address in the format:
name@domain where domain corresponds to a domain approved for your Tenable Web App Scanning instance.
This email address overrides the email address set in the Username box. If you leave this option empty, Tenable Web App Scanning uses the Username value as the user's email address.
Note: As an Administrator, you can create user accounts with email addresses from unapproved domains. Once a user account is created, you can only change the email address to another approved domain.
Password Type a valid password. See Password Requirements for more information.
In Tenable Web App Scanning, passwords must be at least 12 characters long and contain the following:
- An uppercase letter
- A lowercase letter
- A number
- A special character
Verify Password Type the password again. Role In the drop-down box, select the role that you want to assign to the user.
Note: Administrator users have complete access to all resources on your Tenable Web App Scanning account.
Authentication Select or deselect the available security setting options. When selected, these settings:
Note: If you enable the Password Access or SAML options for a user with a custom role, the user automatically has basic access to your dashboards and widgets.
API Key — Allow the user to generate API keys.
Tip: You can select only this setting to create an API-only user account.
SAML —Allow the user to log in to their account using a SAML single sign-on (SSO). For more information, see SAML.
Username/Password — Allow the user to log in to their account using a password.
Note: If you deselect this option, you cannot select the MFA option.
Two-Factor Required — Require the user to provide two-factor authentication to log in to their account.
Tip: You can configure two-factor authentication for your own account on the My Account page.
User Groups Section User Groups Select the user group or groups to which you want to assign the user.
By default, a new user belongs to the system-generated All Users user group, which assigns the user the Basic role.
Add a user group:
Click anywhere in the User Groups box.
A search box and drop-down list of roles appear.
(Optional) In the Search box, type a user group name.
As you type, a list of user groups matching your search appears.
Click the user group you want to add.
In the User Groups box, Tenable Web App Scanning adds a label representing the user group.
- Repeat these steps to add the user to another user group.
Permission Section Permissions In the Permissions table, select the permission configurations you want to assign to the user.
-
Click Save.
Note: If you assign permissions to the user, the button appears as Add & Save.
Tenable Web App Scanning lists the new user account on the users table.