Arthur Standard Access Control Overview#
In both SaaS and On-prem installations, Arthur ships with a build-in access control system that can be used to manage users, permissions, and access to organizations. This system has different capabilities than the SSO based paradigm. If your installation is using SSO, please see the Arthur SSO Access Control Overview.
Authentication#
Users authenticate to Arthur using a username and password, which is set when their account is created and can be changed later in the UI. Users can also use the login API endpoint to retrieve a token for use with Arthur APIs.
Applications and automated systems can authenticate with Arthur using API keys, which can be created in the Arthur UI from the organization menu in the upper right corner then clicking on Manage API Keys.
Note
Note: it is not recommended to use API-keys for non-automated use cases as they are not tied to user identities and can obscure who is performing actions. As a best practice, use API keys minimally only in the systems that need automated access, and be sure to create a rotation practice to ensure safe keeping.
Adding Users to an Organization in the UI#
To complete this section, you must have the “Administrator” role in your organization.
In the upper right corner, click on the organization menu, then click “Manage Members”. From this screen, you can enter the emails of additional users to add to the organization, manage the roles of existing users, and remove users from the organization.
Note
In order for email-based user invites to work, your installation must have an email integration set up. If not, you can use the Arthur API to create user accounts directly in your organization.
Adding Users to an Organization in the API#
Arthur also supports managing users via automated workflows using the REST API. In order to create a user in your organization, you will need to have Administrator privileges in that organization, or have access to the superadmin user for your Arthur on-prem installation. The following APIs are helpful for managing users:
Switching Between Organizations#
If a user is invited to multiple organizations, they will have the ability to switch between them in the UI. User can click on the organization menu in the upper right corner, and choose one of the other available organizations from that menu to switch to it. If no other organizations appear, that user does not have access to any other organizations.