cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Can I add multiple users with "tenant role?

Randy.Manipon
New Poster

Previously, I added user in controller and the role is automatically assigned as "tenant role". I tried to add another one but this time it's "tenant role" is not automatically assigned. Can I add multiple users w/ tenant role?

3 REPLIES 3

Bill.Howard
Moderator
Moderator

Hi @Randy.Manipon , yes, you should be able to.  When you added the second user, did you use the controller as well?  The tenant user role is assigned ONLY when adding a user to a controller account using their email address - which should be the only way you can add the users now.  Tenant User is a "read only" role in the Accounts User Management page.  It's intended to signify that the user has been granted access to a specific controller account which is accomplished by adding them in the controller account itself.  One thing to keep in mind is that only AppDynamics managed users can be assigned tenant user role now - NOT SAML users.  So, if you have a SAML user on the controller, that user does not show in the Accounts User Management experience.  Does this help?

Got it, thanks! Is tenant user can login as SSO?

Our team is planning to add multiple tenant users.

Hi @Randy.Manipon ,

 

That ends up being a bit of a complex answer.  

 

Right now, tenant user ONLY refers to a user that logs into a controller where the controller setting being used is "local"/"AppDynamics" user.    There are 2 SAML configurations now - one for Accounts website services that is only for Accounts website access (not controller account) and one for Controller accounts, which is only for controller account use.  


So, right now, you would have to setup SAML for Accounts to give your users access to Accounts services (training, support, community, etc) using their corporate credentials and SAML using the "Security Provider" settings within the controller itself.  That will allow your users to access the controller/product capabilities using their corporate credentials.

 

In the not too distant future, that will be changed somewhat, but more on that will be provided when we are ready.  For now, tenant users are authenticated only by AppDynamics, not SAML.   If you want SAML for all surfaces, configure it in the Accounts SAML Federation area and in the controller Security Provider area.

 

I hope that helps,

Bill