Using the CLI
To configure the CLI to use the username and password, run
Provide the following values when prompted:
- Organization ID:
- Access token: Leave this empty for now.
- Username: The username you use to login to
- Password: Your password.
The configuration settings are written to a local file at
- Organization ID:
To create an user on
styra-das-id.styra.comwith the CLI, run
styra create <email>, where
<email>is the email address of the user. For example: To create an user
styra create user firstname.lastname@example.org.
When prompted for a password, provide the user password. The user can also have a specific username or password for logging into
styra-das-id.styra.com, in addition to signing in with SSO. If the user wants to only sign on using SSO, then leave the password empty.
Verify that your SSO configuration works. In your browser, logout from
styra-das-id.styra.comand sign in again using the Okta button on the login page.
Using the GUI
You can add a new user or an existing user to your Workspace, and also add permissions to systems, stacks, and the workspace.
Invite Users to Your Workspace
In the Workspace access control, you can invite a user to access the DAS system or stack and assign them a Workspace role. The system or stack will send them an email invitation with a link to your DAS tenant.
Use Single Sign-On
Configure a Single Sign-On (SSO) provider and choose whether or not invitations are required.
If invitations are required then you must invite each user from your SSO identity provider that you want to access the DAS system or stack.
If invitations are not required then a user from your SSO identity provider who has your DAS tenant URL can login to the DAS system or stack. They are automatically added to your Workspace.
Even if invitations are not required, you can still invite users from your SSO identity provider.
When uninvited users registered with your SSO identity provider log into DAS, they are automatically added to your Workspace.
Just-in-time (JIT) users will have no permissions until they are granted either directly (as user) or via SSO configuration.
Users with no Workspace permissions can only see the systems or stacks on which they have permissions and edit their own user settings. This is the default behavior.
The following sections use an example company and DAS workspace called hooli.
Invite a User
To add a user named Ruchita as a WorkspaceAdministrator in the Workspace level, do the following:
Click on the
hooli Workspace>> Access Control tab >> Users button.
In the Users pane, click the + Invite user button to add a user.
Now, hooli > Invite user dialog appears.
Perform the following actions in your dialog box.
Email address (required): Enter the user’s email address. Enter email@example.com.
Workspace roles: Currently, the default Workspace role for
Invite useris the no role, but you can invite WorkspaceAdministrator or WorkspaceViewer (or neither). Users with the WorkspaceViewer role can view all systems or stacks in the Workspace and all tabs, settings for the Workspace. Now, click the drop-down list and select WorkspaceAdministrator.
Click Send invite tab to add a DAS user or invite a user in the Workspace level.
Now, firstname.lastname@example.org is added to the Workspace level with the status marked as pending. An invitation is sent to email@example.com. When Ruchita clicks the DAS URL in the invitation and logs in, the list of users column is updated with firstname.lastname@example.org (the pending status is removed).
To view the status of the invitation, click on the hooli workspace >> Access Control tab >> Users button >> All pane.
You can manage permissions to SYSTEMS, STACKS, and WORKSPACE for the following subject types:
User - A DAS user.
SSO Claim - For managing permissions for groups or other organizations of users.
API Token - Managing permissions for API bearer tokens.
In DAS Pro and DAS Enterprise, using the Administrator switch, you can designate the user to be either
- a Workspace Administrator with full access to all settings and all systems or
- a Workspace Viewer with read-only access to all settings and all systems.
You can give Workspace Viewers access to specific systems by adding them to a system's user as System Owners.
In DAS Free and DAS Pro Trial, all users are Workspace Administrators, so the Administrator switch is on and disabled.