Login and User Access
Sheetloom uses AWS Cognito for identity and user management. This is built on top of OAuth 2.0 standards and is compliant with a variety of industry standards, including PCI DSS, SOC, and ISO/IEC 27001, ISO/IEC 27017, ISO/IEC 27018, and ISO 9001 compliant.
Initial Admin User
During your onboarding or deployment process you will have identified someone to be the initial user. They will have been added to the system automatically as an Admin user and will have received an automated email with their temporary password. Please note temporary passwords will expire after 7 days.
Adding New Users
Navigate to Users then click on Create to open the Create User form.
| Field | Description |
|---|---|
| Name | Name you want to give the user |
| Role | User Role; Currently restricrted to Admin or User |
| Email address of user | |
| User Status | Used to activate or disable the account |
Adding a User to a Group
When a user is created, they are automatically assigned to the default group called [my-company]-users. If they are an Admin user they will also be assigned to the [my-company]-Admin group. You cannot remove users from these groups.
To add a user to a group, check the box next to the user´s name in the Name column then click the ellipsis button. In the Edit Users’ Groups dialogue box that appears, select the + button to load a new drop down panel. From there you can choose which group to add the user to. Repeat the process to add the user to more groups if required.
Deleting a User
From the Users page, select the user's row and click Delete and confirm.
Removing a User from a Group
To remove a user from a group, click Edit User's Groups as described in the previous section. Select the X beside the group you want to remove the user from, then submit.
See Groups on how to create and manage groups.
Password Policy
Sheetloom will enforce a password policy on all users to ensure passwords are suitably complex. The default policy is:
- 8 characters minimum
- At least 1 number
- At least 1 uppercase
- At least 1 lowercase
- At least 1 special character
If you have a custom deployment of Sheetloom, please contact us to discuss changing this.
Password Recovery
If a user forgets their password, they can reset themselves through the login page.
The reset will trigger a verification code which will be sent to the email address. Log back in using the code and follow the instructions on screen to reset the password. Note the verification code can only be sent to the email address linked to the account. A user will need to contact an Administrator to restore their password.
Password Reset
Alternatively, an admin can reset a user's password for them. Navigate to the Users page and check the box of the user. Click on Edit to open the Edit User form and click on the Reset Password option.
Login Duration
Logging into Sheetloom will generate a cookie in your browser which grants you access for 60 minutes. After this has expired, any future action will require you to sign back in. This helps keeps Sheetloom safe from unwanted access.