User Management#
User accounts in Novaza SSO represent the individual people who access your workspace. Each user has a profile, a set of roles, and an authentication method. Administrators manage users from the SSO → Users panel.
Creating a User#
- Go to SSO → Users → New User.
- Enter the user’s email address — this is their login identifier and must be unique within the workspace.
- Enter their full name and optionally their job title, department, and phone number.
- Assign one or more roles (see Roles & Permissions).
- Choose the activation method:
- Send invite email — the user receives an email with a link to set their own password
- Set password manually — you set a temporary password and the user is prompted to change it on first login
- Click Create User.
User Profile Fields#
Each user profile stores:
| Field | Description |
|---|---|
| Login identifier; also used for system notifications | |
| Full Name | Display name shown throughout the platform |
| Avatar | Profile photo used in Desk agent view and Personeo |
| Language | UI language preference (English or Vietnamese) |
| Timezone | Used for scheduled reports and date display |
| Department | Organizational grouping, used in Office and reporting |
| Custom Attributes | Key-value pairs for any additional metadata your organization needs |
Deactivating and Deleting Users#
Deactivating a user prevents them from logging in and removes them from all auto-assignment queues, but preserves their historical data — all records, conversations, and audit log entries attributed to them remain intact. This is the recommended approach when an employee leaves.
Deleting a user is permanent and cannot be undone. Their account is removed, but records created by them are preserved and re-attributed to an anonymous “deleted user” marker. Use deletion only when required by a data retention policy.
Bulk User Provisioning#
For larger teams, administrators can provision users in bulk rather than one at a time:
- CSV import — upload a CSV file with email, name, and role columns from SSO → Users → Import. Each row becomes a user account; existing accounts are updated in place if the email matches.
- Invite link — generate a shared signup link scoped to a specific role and email domain. Team members who open the link can self-register with an address on the allowed domain.
- Identity Provider federation — connect an external identity provider (SAML 2.0 or OIDC) to let users sign in with their corporate credentials. Novaza user records are created on first sign-in.
Automatic directory synchronization (SCIM-style deprovisioning from an HR system) is on the roadmap and not yet available. Until then, removed employees must be deactivated manually in SSO → Users.
Password Policies#
Administrators can enforce password requirements under SSO → Settings → Security:
- Minimum length (default: 10 characters)
- Require uppercase, number, and special character
- Maximum password age (30–365 days; prompts users to change on expiry)
- Password history (prevent reuse of the last N passwords)
- Account lockout after N failed attempts (default: 10 attempts, 30-minute lockout)