Managing Users and Roles
This section discusses the following topics:
Aruba Central users can be broadly categorized as system and external users.
System users—Refer to the Aruba Central users who authenticate to the Aruba SSOSingle Sign-On. SSO is an access-control property that allows the users to log in once to access multiple related, but independent applications or systems to which they have privileges. The process authenticates the user across all allowed resources during their session, eliminating additional login prompts. server (public cloud deployments) or LocalDB servers (private cloud deployments). System users can access both the UI and APIApplication Programming Interface. Refers to a set of functions, procedures, protocols, and tools that enable users to build application software. interface with their Aruba Central login credentials. Access for the system users is determined by the role to which they are mapped.
For more information on system user configuration, see in Aruba Central Help Center.
Network Administrators—Network administrators manage, configure, and monitor devices in their respective network or organization using the Standard Enterprise Aruba Central interface.
External users—Refer to the Aruba Central users who log in to Aruba Central using an external authentication source. External user accounts are maintained by IT administrators of the respective organizations. External users are also referred to as federated users. To provide a secure and seamless sign-on experience for external users, Aruba Central supports a federation configuration module based on the SAMLSecurity Assertion Markup Language. SAML is an XML-based framework for communicating user authentication, entitlement, and attribute information. SAML enables single sign-on by allowing users to authenticate at an identity provider and then access service providers without additional authentication. SSO framework.
|
|
Aruba Central supports only the Identity Provider (IdP) SSO systems that support SAML 2.0. |
The following table lists the tasks that you can perform from the page:
| Task | For more information... |
|---|---|
|
Create, modify, or delete users |
|
|
Create, modify, or delete user roles |
|
|
Resend email invitation to users |
|
|
Enable Two-Factor Authentication (2FA) |
|
|
Enable support access to debug issues |
