This feature only applies to customers who are managing their user permissions out of Whistic, instead of directly through an SSO provider. If you would like to manage your permissions through an SSO provider, please contact firstname.lastname@example.org to enable. Access to this feature may depend on your product package, company settings and/or user settings. Please consult your Customer Success Manager for more information.
There are a couple of ways that a user can be created in your company within Whistic. This article shows you how to customize the default privileges that users have when they register with your company.
Main menu > Admin Tools > Company Settings. Under the General tab of the Company Settings, you will see the following below. Please note, you will only see items 2 & 3 if 1 is set to Allow email address from these domains.
#1 Sign Up Approval Modes
There are 2 modes: Invitation Only and Allow email address from these domain
Has the most control and is also the most manual process. Only users that a Whistic Administrator has invited via User Management have access to Whistic.
The level of access is determined as the user is invited.
This setting does not require any additional setup steps.
Allow email address from these domains
An automated process that will auto-provision users based on the criteria you set up in #2 & #3 below. Enabling this setting will prompt the additional steps outlined below.
For true automation, this must be used with SSO and sign in through SSO must be enforced (ie. no sign in through username/password). Please contact email@example.com to confirm if sign in through SSO is enforced.
(Rare situations) For accounts that use this feature in conjunction with a general user registration link, Whistic Administrators will receive an 'Approve User Access' notification anytime a user is attempting to complete registration within your company account. To approve access, simply go into User Management > Edit User > Check the 'Managed' box.
A Whistic Administrator can authorize immediate access to users whose email domains match what is listed in this section. Again, only if signing in through SSO is required. Please contact firstname.lastname@example.org to enforce sign in through SSO.
You may add as many email domains as you would like here. Type in your email domain (@example.com) and hit the Enter/Return key.
#3 Default Privileges
Select default roles and click Save. Read-Only Vendor Catalog is the least amount of access you can grant by default. For more details on user privileges click HERE.