A user is a person who has access to your Zenvoices environment. Via Manage / Environment / Users you can create, edit and delete users. It is also possible to edit users in bulk by selecting multiple users and then choosing 'Edit' via the bulk action. With roles and permissions you determine which actions a user can perform and which administrations the user has access to.
Create user
With the button 'New user' you can create a user.
Zenvoices also supports External user provisioning with Microsoft Entra.
Set random password
By default, a random password will be set for the user. By disabling 'Set random password' it is possible to manually enter a password for the user instead.
Single Sign On
Consult this article if you want users to log in using Single Sign On instead of a
password.
Two-factor authentication required
Consult this article for more information about activating 2FA.
Change password at next login
If you enable this option, the user will have to choose a new password the next time they log in. This password must contain at least 10 characters, including at least one number and one lowercase letter.
Send welcome email with login details
If you enable this option, an email with login details will be sent to the email address of the new user after saving.
Roles
In the 'Roles' tab you can select the roles of the user.
Please note: did you create a user with the role 'Authorizer', but the user is not visible in the authorization scheme? Then follow the steps below to grant specific access to one or more administrations.
Edit permissions
In the user overview you can change the permissions of a user with the button 'Edit permissions':
App permissions
In this tab you can assign specific permissions to a user. By default these permissions are inherited from the roles of the user. If multiple roles are assigned to a user, the permissions of these roles will be combined.
With the button 'Restore default permissions' you restore the permissions to the default permissions of the user based on their roles.
Administration permissions
In this tab you can assign specific administration access permissions to a user. By default these permissions are inherited from the roles of a user. If you want to deviate from this, disable the option 'Inherit administration permissions from user roles'. After that you can determine which administrations the user has access to or is not allowed to access (in the example below the user has access to all administrations except one).
Please note: if administration access is set at role level, the access rights of all administrations will be combined. 'Deny access' will always be respected.
Please note: if administration access is set via administration tags, it is recommended to restrict the user permission to add (or remove) administration tags to administrations to authorized users only. See also this article. By default this user permission is enabled for users who have permission to modify administrations.
Import users
Via the button 'Import users' (top right) users can be added in bulk via an uploaded Excel or CSV file (an example file is available after clicking the button).
Please note:
the name of the roles is case sensitive
when multiple roles are used they must be separated by commas (spaces are not allowed)
when a Single Sign On provider is filled in in the import file, a link request will be sent by email immediately after uploading, even if 'Send welcome email with login details' is set to No.
Show details
Via this option it is visible which administration(s) the user has access to. An export function is also available here to export the overview to Excel.
Login
You can log in to the portal and/or mobile app by entering the following details. These details are received once 'Send welcome email with login details' is enabled and 'Save' has been clicked.
Environment name
Username or email address linked to the user
Password
Log in as another user
In the user overview you can log in as another user with the button 'Log in as this user', without knowing the user's password. This option is only available for administrators with sufficient permissions.
You can use this function to perform an action on behalf of another user. At that moment you work according to the permissions of that user. This function is therefore also useful to check the permissions of a user.
When you are logged in as another user this will be visible in the top right corner and you can return to your own user with the button 'Return to own user'.
Delete user
Do you want to delete a user because an employee leaves the company or the collaboration with the accountant ends? Then the user can be deleted via Manage / Environment / Users. Then choose the trash icon on the left of the relevant user.
Please note:
this can be done with the following app permission which is enabled by default for administrators: Pages | Manage | Environment | Users | Delete user
make sure there are no dependencies anymore, for example: included in the authorization scheme and bookings that still need to be authorized. If the relevant user is no longer active the Admin user can do this on behalf of the user via Log in as another user
make sure the linked administration(s) are assigned to another user
The Admin user has all administrator permissions and therefore cannot be deleted. Is this user registered under the name of an employee who leaves the company? Then change the details to the person who will take over the Admin permissions.
Our advice is to link the Admin user to a shared email address. This way someone can always gain access to the management of Zenvoices in exceptional situations. Keep in mind that this user has full access to all functionalities of Zenvoices.
Reports
Via the options below an administration access report and a user permissions report can be consulted, which will be sent by email.
Administration access report: shows which users have access per administration.
User permissions report: shows for which users each permission is activated.
External user provisioning
External user provisioning means that user management takes place from another application. Users can be added and managed directly from that application. At the moment Zenvoices supports this with Microsoft Entra.
Keywords: app permissions, reporting