Create user

To add an user, you can go to the User list and click the Create user button.


The user form looks like below:

On the user form, all claims of a user are shown, with one exception. If a discrete claim has the Avoid upside setting activated, the users cannot see options of discrete claims that they themselves do not have access to.

Identify Name: This field should be set to the name that the user will be known by in Safewhere*Identify, preferably the user’s full name.

Enabled: If a user is disabled, he will not be granted access to any service provider of Safewhere*Identify or to the Identify*Admin application.

Upload user’s certificate: This option allows the user to upload certificate files that contain public keys (*.cer, *.crt). When the upload is successful, the thumbprint of the certificate will be saved under the claim type defined by the “STS Default Certificate Claim Type” property on the System Setup tab.


Manually update user password: This option specifies whether to autogenerate the user’s password or input it manually. This option is activated when the “Offer manual update of users’ passwords on user form” setting on the System Setup tab is set to True.

When “Set password manually” is selected, the user must manually input the password in both the Password and Retype Password fields.


Force Reset Password: Checking this check box simply means that the first time the user logs in to Identify*Admin, he is forced to change his current password to a new one. This can be used for situations in which the initial password was autogenerated and you want to make sure he changes it to one that does not exist as cleartext. Its default status is affected by the “New users must change password first time they log on” setting of its owner organization.

Owner Organization: This option specifies the organization that the user is added to.

Group: If the user will inherit rights from a group, you can add the user to the group using this field. To read more about groups, please see Group Administration.

Send password email to user: This check box is only shown when creating new users. You are prompted to have the system automatically send an email containing the password reset link to the new user informing him of his new autogenerated password as well as requesting he uses this to log in to change it to a password of his own choice.

Email claim type:  Multiple emails can be specified by using a semicolon ( ; ) between each email address. The email value must be unique.

Other Information: The fields you will see here will depend on the claims that have been set up in the system.