TermWeb supports automatic user creation when logging in from an external authenticated source.
Specifically this feature is available with:
- API authentication using an API Key (XTM integration)
- OpenId authentication (XTM integration)
- SAML authentication (customer-specific configuration)
During these calls, if the user attempting to login does not exist (by name), then he/she is created before initiating the session.
If the user exists in TermWeb, then the session is created with the existing user.
The rights of the existing user are not changed in this case.
By default, the automatically created user is given administrator rights.
However, this can change by editing the following TermWeb properties:
api.new.user.is.admin=falseapi.default.user.group=<an existing user group name with API rights>
The first property results in creating users without a specific role, i.e. simple users.
The second property is necessary and applies only when the first property is false.
It assigns a user group to the automatically created users, which must have API rights in order for the API connection to work.
This is necessary, because non-admin users cannot access API functionality without belonging to an API user group.
By editing the API group permission scheme, the system administrator can assign specific rights to new users, like edit rights or read-only rights, even for specific dictionaries.