User management in Opus 2 Platform involves working with a combination of users, teams, system roles and projects. Each of these components may be accessed from the system administration 
icon in the top right hand side of the Opus 2 Platform screen.
This section describes the general features and management of each of the components involved with user management in further detail.
TABLE OF CONTENTS
User management tabs and tables
Lists of registered Users, Teams, System roles and Projects are available in table format accessible from four separate tabs in the system administration menu. These contain basic information about each of these different components, and allow an administrator to perform basic management via the 'Actions' drop-down menu for each table. Each table also has a right hand side details panel that allows an administrator to view details of any highlighted record.
Selecting and highlighting records in table layouts
The general logic of the Opus 2 Platform layout is one in which lists of records are displayed in a table where an individual record can be selected via a checkbox or highlighted.
It is important to note that selecting a record with a checkbox will include this record in any action that may be performed via an Actions menu, whereas highlighting the record will simply display the details of this record in the right hand side details panel. It will not be included in any action unless it has been selected.
Please make sure when performing actions on records that the correct record is selected. Where one record is highlighted with its details displayed in the right hand side panel and another record is selected, if the action 'delete' was chosen, it would be applied to the selected record, not the one with its details on display.
Individuals who have access to the Opus 2 Platform in any capacity are referred to as 'users'.
All users that have been added to an instance are listed under the 
tab of the system administration menu, accessed via the 
icon in the top right-hand corner. Once a user is authenticated, the following information can be held:
User information | Explanation | Status |
|---|---|---|
Image | Displays an image file. This can be added by the individual user or by an administrator with access to the users tab. | Optional. May be edited by the individual user or by an administrator. |
Name | Full name of the user. Alphabetical sorting is done by first name. | Mandatory on registration. May be edited by the individual user or by an administrator. |
Company | Name of company associated with the user. | Optional. May be edited by the individual user or by an administrator. |
Personnel number | Number or text field that may be used for any potential id associated with the user. | Optional. May be edited by the individual user or by an administrator. |
Status | User account's overall status within the system, it will be set as either active; suspended; locked; never logged in. | Automatically generated system setting. |
Authentication | Whether the user is registered via single sign-on (SSO) or password | Mandatory on registration. May be changed by an administrator. |
Last login | The most recent date and time the user accessed the system | Automatically generated system setting. |
Teams | Number of teams that the user is associated with | Automatically generated system setting. |
Projects | Number of projects that the user is added to | Automatically generated system setting. |
Role | Role allocated to the user | Mandatory on registration. May be changed by an administrator. |
Job title | User's position in the company | Optional. May be edited by the individual user or by an administrator. |
Address | Location of the company | Optional. May be edited by the individual user or by an administrator. |
City | Location of the company | Optional. May be edited by the individual user or by an administrator. |
Phone | Contact number of the user | Optional. May be edited by the individual user or by an administrator. |
Email address | Registered email address of the user | Mandatory on registration. Can not be changed as it is used as a unique identifier. If a user wishes to change their email address but keep their user account, please contact support. |
Adding multiple users:
Users may be imported in bulk from a spreadsheet via the 
icon. System users can browse for a file or drag and drop a spreadsheet to the 'import new users' dialogue box. Supported file types are .xls, .xlsx and .csv. Name, email address and authentication method of the new users are mandatory information that must be included in the spreadsheet.
Once user identities are created within the system, it is recommended that a system administrator adds users to relevant Teams or projects before the user logs in for the first time, to ensure users can access to their relevant project. This is not mandatory, but a user that logs in to an instance without having any projects allocated will see a 'content inaccessible' message.
Deleting a user removes all reference to this user within the system. For this reason, only users with status 'never logged in' can be deleted.
Users that have been active within a system can not be deleted, but they can be suspended. Suspended users are hidden from the 'users' list in the system administration menu by default, and will not show up in any searches or filters.
If administrators wish to view or search for suspended users, the toggle 'show suspended users' should be set to ON.
Opus 2 Platform allows for two types of user authentication: single sign-on (SSO) and password.
Integration with a client authentication provider can be implemented when an new instance is set up. When SSO is set up, no users are created in the system, each individual user account is created ad hoc whenever the user logs in to Opus 2 Platform for the first time.
It is possible to create a user account in Opus 2 Platform for users that are expected to be logging in via SSO. This will essentially function as a 'holding' account before the user logs in and is created in the underlying database.
Creating an account prior to the user logging in allows an administrator to allocate the user to Teams or Projects, to add information about the user and to give the user a system role.
Opus 2 Platform uses the email address field as the unique identifier for matching a 'holding' account to a user that has been registered in the database. If a user accesses the system with a different email address than the one that has been set up in advance, a new user account will be created instead.
Because user accounts authenticated via SSO are anticipated to be used as holding accounts for an administrator to manage in advance of a user logging in, when and SSO authenticated account is created from within Opus 2 Platform, no notification email is sent to the user email address.
Users that are not able to log in via SSO, often users external to an organisation that have been invited to work on a specific project, can be created and authenticated directly with Opus 2 Platform via password authentication.
Opus 2 Platform also supports password users with multi factor authentication (MFA) which can be configured via an OTP authenticator application such as Google or Microsoft Authenticator.
A user that is added to an instance of Opus 2 Platform as a password user will be created in the database immediately, and two email notifications will be sent to the user.
The first email informs the user that they have been added to the Opus 2 Platform.
The second email contains an activation link that will instruct the user to set up their MFA (if required) and choose a password. This link expires after 24 hours.
There are no specific password requirements set up by default in the Opus 2 Platform user management system, but individual instances can be configured with specific password requirements if desired.
If a user has failed to log in within 24 hours of receiving the email inviting them to register with Opus 2 Platform, an administrator can re-send the registration link via the 'notify' option in the user 'Actions' drop down menu. Only users that have status 'never logged in' can be notified of their registration link.
A Team is a named collections of users. The main purpose of Teams is to facilitate a simple means for adding users to projects. Once users have been added to the system they can be organised into and added to teams. These teams are global across the system and can be added to multiple projects. Individual users can be a member of multiple teams.
Teams can not be given specific user roles. This is different from project Groups that may have user roles applied. On a system level, roles are applied to individual users. Users with different roles may be in the same Team.
The 'Projects' part of the system administration lists three columns related to users: Users, Teams and Teams users. A User has been added to the relevant project as an individual user, whereas 'Teams users' lists the number of individual users that has been added to a project as part of a Team. The management of these user types have some differences.
If a user has been added to a project as a team user rather than as an individual user, that user may not be removed from the project unless the Team is removed from the project. The user may be removed from the Team, but this will cause the user to lose access to all other projects they may have been added to as a Team user. If a system administrator attempts to remove an individual user that was added as a Team user from a project, they will be given the option of removing the Team and automatically adding the other team members to the project as individual users.
If a Team is deleted, any users that were part of that team remain as users on the system. Any users that have been added to a project as part of that Team will be automatically removed from the project.
The projects table in the system administration menu functions primarily as a means for user management. Users and Teams can be added to and removed from projects on this page. In addition, the projects table gives a brief overview of some features of each project.
It is not possible to create projects or administer projects from within the projects table beyond basic user management. New projects can be created from the main system dashboard, and project administration is accessed from within the individual project.
The projects tab is accessed from the icon on the top right-hand corner. The following information is held about each project:
Projects information | Explanation |
|---|---|
Name | Name of the project. |
Description | If a description of the project has been created, it will display here. |
Users | Number of individual users that have been added to the project. |
Teams | Number of Teams that have been added to the project. |
Teams users | Number of users that have been added to the project as part of a Team. |
Created date | Date and time the project was created |
Last access | Most recent date and time the project was accessed by any user. |
Number of documents | Number of documents that have been added to the project. |
Status | Status refers to whether the project is available for a user to enter. A project may have three different statuses:
|