We noticed that JavaScript is disabled in your browser. We suggest enabling it for a better experience.
We noticed you're using an older version of Internet Explorer. We suggest you update to the latest version for a better experience.
Skip to main content

About User Management

Managing users is the process of creating, editing, and deactivating user profiles, and assigning roles to those profiles

There are two methods of managing users in OpenForms.

  1. In the OpenForms Admin area.

  2. With an external system like Microsoft Azure AD or the OpenCities CMS.

Depending on your organization's needs and IT policies, you can manage users with any combination of methods, although an individual user can only be managed by one system (OpenForms, Azure AD, or OpenCities) at a time.

If you opt to manage users externally, it’s important to retain at least one Account owner managed in the OpenForms admin area. This user can access forms and responses in the event of an outage in your external system.

Local User Management through Admin

When you first start using OpenForms, the default method of managing users is through Admin > Users.

user list in admin

This is also where Admins and Account owners can see a full list of the users in your OpenForms organization.

Users managed in the admin area:

User Management with Azure AD

If your organization uses Microsoft Azure AD to manage staff access to systems, apps, and services, you can use the Azure AD connector to manage OpenForms users. The Azure AD connector is premium connector available via Integrations.

Users managed through the Azure AD connector:

  • Are automatically assigned profiles and roles based on their Azure AD user group.
  • Are added to Azure AD user groups by your IT team.
  • Are managed in OpenForms as groups by Account owners and cannot be managed individually.
  • Login to OpenForms using their Microsoft SSO credentials for your organization.
  • Cannot update their own details and password in OpenForms.

User Management via OpenCities

If your organization has an OpenCities site you can connect it with your OpenForms account and use the OpenCities CMS to manage staff that also use OpenForms. For example, a content author with the OC Power Publisher role who can create an OpenForm and insert it into pages.

Users managed through OpenCities

  • Are automatically assigned profiles and roles based on their OpenCities role.

  • Are assigned roles in OpenCities by system admins, site managers, or user managers.

  • Log in to OpenForms using their OpenCities credentials.

  • Cannot update their own details and password in OpenForms.

  • Can insert OpenForms directly into OpenCities pages from the WYSIWYG Editor.

If your organization has both an OpenCities site and an Azure AD account, we recommend using the Azure AD connector to manage OpenForms users.

Managing users through OpenCities is a process that is controlled entirely within OpenCities.

How Systems are Prioritized

If an individual OpenForms user is managed by multiple user management systems, their profile and roles will be assigned according to the following priority order:

  1. Azure AD

  2. OpenCities

  3. OpenForms

Each system completely overrides those below it.

For example, if your organization uses both Azure AD and OpenCities to manage users, and an individual user is assigned the Admin and Reviewer role through OpenCities, but only the Reviewer role in Azure AD, they will only have the Reviewer role in OpenForms.

Users managed in both Azure AD and OpenCities will have their profiles and roles managed in Azure AD, but retain the ability to insert OpenForms into OpenCities pages.

User conflicts are defined by the user’s email address, rather than their name or other attributes, so it’s important to use the same email address for staff across user management systems.

What Happens if an External System is Disconnected

If your organization manages users via an external system like Azure AD or OpenCities, and you permanently disconnect from that system, the users managed by that system will be affected in following ways:

Azure AD

If the Azure AD connector is permanently disconnected, any OpenForms users managed via the connector will also be permanently deactivated, regardless of whether they were previously managed in OpenCities or OpenForms.

If you've disconnected from Azure AD, but would like to retain the user profiles managed by the Azure AD connector, contact support to migrate the management of those users to your OpenForms Admin area.

OpenCities

If OpenCities is permanently disconnected from OpenForms, any OpenForms users managed in OpenCities will migrate to a user managed in the OpenForms Admin area, unless they are already managed in Azure AD.

Migrated users will receive a link through which they can update their password to finalize the migration.

What Next?

Was this helpful?