Managing console access

When you add a user to the platform, a user profile (or record) is created for the user.

You can add users to the platform in the following ways:

Important: You cannot create a user from the Access control page of your cluster console as the page has no provision to set up a password for a new user. You can use the page to add an LDAP or OpenShift user to your cluster. When you add a user, you must specify the OpenShift or LDAP login ID of the user in the Username textbox that is on the Add user page.

Before you begin

Required permissions

To manage access to the console, you must have one of the following permissions:

About this task

You can create and edit user profiles from the Users tab of the Access control page.

Important: By default, an All users group is included. As the name suggests, all users are automatically included in this group. The group is used to give all platform users access to the console and common features, such as their profile and settings. You cannot edit or delete this group.


To give users access to the console:

  1. Log in to the console.

  2. From the navigation menu, select Administration > Access control.

  3. Open the Users tab.

  4. Click Add user.

  5. Specify the appropriate information for your environment. The information that you need to specify is different based on the environment where you are adding the user. Review the table after the procedure for the information that you need to specify: Required information for creating a user.

  6. Click Next.

  7. Specify how you want the user to get their permissions. Either assign roles directly to the user or add the user to the existing user group.

  8. Click Next.

  9. Select the appropriate roles or groups to assign to the user.

  10. Click Next.

  11. Review the summary. If the values are correct, click Create.

Required information for creating a user

Table 1. Required information for creating a user
Environment Information to specify
Connected to an LDAP server - The user's full name
Ensure that you enter the user's given name and surname as they are specified in the LDAP server.
- The username that the user will authenticate with the appropriate value depends on the attribute that you specified for the User search field in the LDAP configuration.
- The user's email address
Ensure that you enter the user's email address as it is specified in the LDAP server.