This product section is only visible if the user has the following permission enabled (either by a predefined or a custom role):

User can view user list of their organization

For more information please also see Roles and Permissions.

In this section you can manage the users of your organization. You can add new users and manage the user rights.

1 Table View
- 1.1 Global Actions
- 1.2 Columns in the Table
- 1.3 Activities on the table rows
2 Actions
- 2.1 Add new User / Edit User Settings
  - 2.1.1 Name, Email and Language
  - 2.1.2 Roles
    - 2.1.2.1 Permissions of our Predefined Roles
    - 2.1.2.2 Permissions of Custom Roles
    - 2.1.2.3 Resulting Permissions for a User
    - 2.1.2.4 Preview Permissions
- 2.2 Delete User

Table View

Global Actions

Add new User
Opens the user editor to create a new user editor. See section "Add new User / Edit User Settings" below for details.
Add from Address Book

Columns in the Table

Email
First Name
Last Name
Username
specific for SAML user binding
SID
specific for SAML user binding
Roles
The roles assigned to a user account
Enabled
Status of the user account. If an account is currently not enabled, the user cannot login nor use the API.
The parameter can be changed only via AdmInWeb, or via eSignAnyWhere API by a user with administrative permissions on users.

The columns "Username" and "SID" are visible only if one of the following is fulfilled:

The SAML configuration is configured in the instance configuration (i.e. the configuration "externalServices/shibboleth/allowSamlLoginForUser" is enabled & "externalServices/shibboleth/configService" has a value)
System is running in OnPremise.

Activities on the table rows

Edit user settings (
)
A detailled explaination of the user editor can be found in the section "Add new User / Edit User Settings" below.
Delete user (
)
A detailled explaination of the action can be found in the section "Delete User" below.

Actions

Add new User / Edit User Settings

Searching for a role is triggered by clicking on the role search field. Then start typing the role name, and the results are automatically filtered. The result will list all matching roles, including the predefined roles and also the custom roles defined for your organization:

Name, Email and Language

After you added a new user, the user gets an email with a link and has to activate his profile and set up his password.

Note that it is not possible to change a user's email address. In case a user's email address changed, please download all the documents of signed envelopes (if not done before), and then create a new user with the new mail address and let the user log in to be sure the user was activated and is working as intended. After that, delete the user with the old email address. During deletion of the user, you will be asked to reassign the in-progress envelopes, drafts etc to another user. Here you can select the newly created user.

Roles

Permissions of our Predefined Roles

Following predefined roles are part of standard configuration of eSignAnyWhere:

Power User
Registered Signer
Administrator
Automatic Sealing Sender
Developer
Api User

Users with the role “Power User” can send and manage envelopes.
Users with the role“Registered Signer” can sign documents and see the signed documents and tasks.
Users with the role “Administrator” are able to change organization settings, manage users and the user can define teams.
Users with the role “Automatic Sealing Sender” can use the automatic remote signatures in a workflow.
Users with the role “Developer” can download the envelope XML/JSON of his/her envelopes.
Users with the role “Api User” are allowed to use the SOAP/REST API

These roles are fixed, i.e. cannot be modified.

Permissions of Custom Roles

In addition, with custom roles enabled, additional roles can be defined. Each role typically grants or removes (blocks) permissions from users.

For more information about how to create a new role please have a look at this guide: Roles and Permissions

Resulting Permissions for a User

The combination of roles which are assigned to a user defines the resulting set of permissions. E.g. one role can grant 5 permissions, but another role takes away (blocks) 2 permissions. Let's assume one of them overlaps with the permissions granted by the first role. The resulting permission set has only the 4 permissions of the first role granted to the user, which are not "removed" by the blocking-permission configuration of the other role.

Preview Permissions

The button "Preview Permissions" under the control which allows role assignment will help to understand the resulting permission set. It shows, in a readonly view, the permission set resulting from the roles assigned to the user. For debugging purpose, the preview allows to selectively add or remove roles, to simulate how the resulting permissions change.

Delete User

Action which allows a user to delete another user's account on eSignAnyWhere. A user cannot delete his own account.

Before deleting a user account, the current user who performs the action will be asked to confirm the user deletion. Note that a deletion, once confirmed, cannot be undone.
The dialog will show the user's name and email address, to ensure that the intended user account is deleted.

When the user account who should be deleted was used for sending envelopes, and the envelopes are not yet deleted, it is mandatory to specify another user to whom the already sent envelopes in any state (including in-progress and completed ones) are re-assigned. The dialog allows (but does not require) to reassign also drafts, templates, clipboard entries and address book entries to another user.

Figure	Description

Figure	Description
	User reassignment before deletion settings