Chapter 8. Managing Users in automation controller

download PDF

Users associated with an organization are shown in the Access tab of the organization.

Other users can be added to an organization, including a Normal User, System Auditor, or System Administrator, but they must be created first.

You can sort or search the User list by Username, First Name, or Last Name. Click the headers to toggle your sorting preference.

You can view user permissions and user type beside the user name on the Users page.

8.1. Creating a user

To create new users in automation controller and assign them a role.


  1. On the Users page, click Add.

    The Create User dialog opens.

  2. Enter the appropriate details about your new user. Fields marked with an asterisk (*) are required.


    If you are modifying your own password, log out and log back in again for it to take effect.

    You can assign three types of users:

    • Normal User: Normal Users have read and write access limited to the resources (such as inventory, projects, and job templates) for which that user has been granted the appropriate roles and privileges.
    • System Auditor: Auditors inherit the read-only capability for all objects within the environment.
    • System Administrator: A System Administrator (also known as a Superuser) has full system administration privileges — with full read and write privileges over the entire installation. A System Administrator is typically responsible for managing all aspects of and delegating responsibilities for day-to-day work to various users.

      User Types


      A default administrator with the role of System Administrator is automatically created during the installation process and is available to all users of automation controller. One System Administrator must always exist. To delete the System Administrator account, you must first create another System Administrator account.

  3. Click Save.

    When the user is successfully created, the User dialog opens.

    Edit User Form

  4. Click Delete to delete the user, or you can delete users from a list of current users. For more information, see Deleting a user.

    The same window opens whether you click the user’s name, or the Edit Edit icon beside the user. You can use this window to review and modify the User’s Organizations, Teams, Roles, and other user membership details.


If the user is not newly-created, the details screen displays the last login activity of that user.

If you log in as yourself, and view the details of your user profile, you can manage tokens from your user profile.

For more information, see Adding a user token.

8.2. Deleting a user

Before you can delete a user, you must have user permissions. When you delete a user account, the name and email of the user are permanently removed from automation controller.


  1. From the navigation panel, select Access Users.
  2. Click Users to display a list of the current users.
  3. Select the check box for the user that you want to remove.
  4. Click Delete.
  5. Click Delete in the confirmation warning message to permanently delete the user.

8.3. Displaying user organizations

Select a specific user to display the Details page, select the Organizations tab to display the list of organizations of which that user is a member.


Organization membership cannot be modified from this display panel.

Users - Organizations list

8.4. Displaying a user’s teams

From the Users > Details page, select the Teams tab to display the list of teams of which that user is a member.


You cannot modify team membership from this display panel. For more information, see Teams.

Until you create a team and assign a user to that team, the assigned teams details for that user is displayed as empty.

8.5. Displaying a user’s roles

From the Users > Details page, select the Roles tab to display the set of roles assigned to this user. These offer the ability to read, change, and administer projects, inventories, job templates, and other elements.

Users- permissions list

8.5.1. Adding and removing user permissions

To add permissions to a particular user:


  1. From the Users list view, click on the name of a user.
  2. On the Details page, click Add. This opens the Add user permissions wizard.

    Add Permissions Form

  3. Select the object to a assign permissions, for which the user will have access.
  4. Click Next.
  5. Select the resource to assign team roles and click Next.


  6. Select the resource you want to assign permissions to. Different resources have different options available.


  7. Click Save.
  8. The Roles page displays the updated profile for the user with the permissions assigned for each selected resource.

You can also add teams, individual, or multiple users and assign them permissions at the object level. This includes templates, credentials, inventories, projects, organizations, or instance groups. This feature reduces the time for an organization to onboard many users at one time.

To remove permissions:

  • Click the Disassociate icon next to the resource. This launches a confirmation dialog asking you to confirm the disassociation.

8.6. Creating tokens for a user

The Tokens tab is only present for the user you created for yourself.

Before you add a token for your user, you might want to Create an application if you want to associate your token with it.

You can also create a Personal Access Token (PAT) without associating it with any application.


  1. Select your user from the Users list view to configure your OAuth 2 tokens.
  2. Select the Tokens tab from your user’s profile.
  3. Click Add to open the Create Token window.
  4. Enter the following information:

    • Application: Enter the name of the application with which you want to associate your token.

      Alternatively, you can search for the application name clicking the Search icon. This opens a separate window that enables you to choose from the available options. Use the Search bar to filter by name if the list is extensive.

      Leave this field blank if you want to create a PAT that is not linked to any application.

    • Optional: Description: Provide a short description for your token.
    • Scope: Specify the level of access you want this token to have.
  5. Click Save or Cancel to abandon your changes.
  6. After the token is saved, the newly created token for the user is displayed.

    User -token information


    This is the only time the token value and associated refresh token value are ever shown.

Red Hat logoGithubRedditYoutubeTwitter


Try, buy, & sell


About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

© 2024 Red Hat, Inc.