Adding users manually
Create user accounts in Trelica.
Adding users manually is useful when you are adding a small number of users or if you want to add a user that does not exist in your identity provider (such as an external contractor or auditor) and therefore cannot use SAML-based SSO.
When you add users to Trelica manually, an email notification is sent to the user inviting them to log in. Users can log in with an email address and password, or use OpenID Connect for single sign-on with an existing Google or Microsoft account.
By default when a user is invited to log in to Trelica, they set a password for their account. As an alternative you can enable single sign-on (SSO) with OpenID Connect so that users can log in with an existing account in Google Workspace or Microsoft Azure AD.
🧙🏾 Users can only SSO with an existing account if the account email address matches the invitation.
To configure the login options:
- 2.Under Single Sign-On expand SAML options:
- To allow users to log in with their email address and password, select Allow password login.
- To allow users to SSO with an existing Google or Microsoft account, select Allow OpenID Connect.
- 3.Click Apply changes.
According to the options you have enabled, the SSO OIDC providers and the email address and password options are displayed on the Trelica login page when the new user uses the link to accept their invitation.
On subsequent login attempts, only the option that the user has set up is displayed. Users can enable alternative login options from their profile page (subject to what is enabled):
- 1.When logged in to Trelica, in the top right-hand corner click your profile icon and select your user name. The profile page is displayed.
- 2.Select Password or External login and make changes as appropriate.
If the individual you want to invite already has a person record in Trelica (which should be the case for everyone in your organization, assuming you have set up an identity integration), we recommend inviting users from the People view:
- 1.Open the People view. The Trelica user column indicates whether or not a person already has a Trelica account.
- 2.For each individual that you want to invite, click the menu icon and select Invite.
- 3.Select the Trelica user role that you want to give to the user. For more information about the available roles, see Roles.
- 4.Click Invite. An email is sent to the user, inviting them to complete the registration process. If you have enabled SSO, users will be prompted to log in via your identity provider. Otherwise, users will be asked to create a password in order to log in.
If you need to create a Trelica user account that does not have an associated person record, you can do so from the Users view. This is useful if you're working in a sandbox instance that is not connected to your identity provider.
To create a Trelica user that is not associated with a person record:
- 2.Click New. The New User dialog is displayed.
- 3.Enter the user's name and email address, and select the role you want to give them from the list. For more information about the permissions associated with each role, see Roles.
- 4.By default an email invitation is sent to the new user's email address, asking them to confirm their email address. If you do not wish to send this, clear the Send invitation email checkbox. The user will still be able to log in.
- 5.The new user account is enabled by default. If you want to disable the account so that the user cannot log in to Trelica, clear the Enabled checkbox.
- 6.Click Create. The user account is added to Trelica and a notification is sent to the user's email address (if enabled).
If you create a user account from the Users view and a matching person record already exists, Trelica will merge the user account and person record.
Most, if not all, users in Trelica will have first been added as people by an identity integration and then added as users by self-enrolling, requesting access, or invitation.
When user access needs to be terminated (because the user has left your organization or changed responsibilities), you can either disable the relevant user account or delete it. Both will prevent the user from logging in to Trelica.
If users are only able to log in via SSO (either SAML-based or OpenID Connect), then removing the user's account from the provider will prevent them from logging in to Trelica. We recommend deleting their user account from Trelica as part of your offboarding process.
To disable or delete a user account:
- 2.Select the relevant user, click the menu icon and select Disable or Delete as appropriate.
🧙🏾 If the user has left your organization, you may want to set an end date in their person record. We do not recommend removing person records, as this will impact historic app usage data.