User access is managed via user levels, groups, and permissions. NetX also supports popular authentication methods for organizations that wish to manage user accounts using in-house systems.

In this article

Learn how user levels, groups, and permissions are used for access control so you can protect confidential or proprietary assets and data. You'll decide how many user groups you need and what to name them. Also discover different methods for user account creation.

(question) In what ways are your users similar and how can they be grouped together?
(question) What names will you use to identify your user groups?
(question) Which user levels will you need?
(question) Will you implement single sign-on (SSO)?
(question) Will you allow self-registration? 

5 things to know about NetX user access


NetX offers a two-dimensional approach to access control - user groups and user levels. 
Permissions are granted by user groups and actions are controlled by user levels. While a user is assigned a single user level, they can belong to multiple user groups. This combination allows just the right amount of access - not too much, and not too little.

User levels define the actions a user can perform. 
The ability to view, download, edit metadata, or delete assets are examples of actions that are controlled by user level. NetX has seven user levels available, ranging from No Access to Administrator (full access).

Permissions define where (on which assets) those actions can be performed. 
Before users can perform actions on assets, they must be added to a group that is granted permission to those assets. Permissions typically link groups of users to folders of assets.

User groups aren't only for folder permissions.
User groups help facilitate many workflows in the system, such as: sharing collections, searches, and reviews; requiring approval or justification for certain downloads; receiving email notifications; reporting on system use statistics. 

Your choice of authentication options
Create NetX user accounts via manual entry, CSV spreadsheet import, end-user self-registration, SAML based single sign-on (SSO) integration, or Directory Server (LDAP) integration.  Different authentication methods can be used for different types of users (internal vs external). Portals can even be set up for unauthenticated access.


Best practices

Keep it simple.
Add users to groups, add assets to folders, and create permissions that link groups to folders. Even though you can add permissions to individual assets or users, we don't recommend it.

Group users by access, not actions.
Create user groups based on the folders of assets that different users need access to. Don't group users by the actions they need to perform — that's where user levels come into play. Groups can contain users with a myriad of user levels.

Expiration instead of deletion.
The user expiration date is helpful when creating temporary user accounts or when user access needs to be revoked. Expired accounts are automatically set to No Access user level instead of deleting the account entirely. This ensures statistical information relating to the deleted user is retained in the system.

Make it easy for users to sign up.
Flexible options for self-registered user accounts allow you to control a user's initial access and when automated emails are sent. New users can be allowed access to all content, a limited selection of content, or not allowed in at all until approved. If your organization already authenticates with single sign-on, consider an SSO integration for internal users to access NetX. 

Get everyone up and running at once.
If you're not using self-registration or SSO, Admins can easily import user data via .csv file to batch create user accounts, assign user levels, and user groups. Bonus: NetX will automatically notify new users that they can set their password and log in to the system.


BEFORE YOUR NEXT ONBOARDING MEETING

  • Meet with your Core Team to develop your permissions strategy.
  • Define groups for folder access and choose which user levels to employ.
  • Review your folder structure - changes may be needed for appropriate access control.
  • Identify any special authentication requirements.
  • Complete the Users Onboarding Worksheet and the Permissions Onboarding Worksheet.
  • Be prepared to discuss with your Onboarding Specialist.

How-to articles


Tips and tricks

View the permissions configuration for a particular user group or specific folder by typing in the filter box at the top of the Permissions window.

Find users quickly by name or by user-level using the filter options in the Users window.

View all members of a specific user group from the 'Selected' tab in the group management panel.

When importing user data via .csv, set passwords on behalf of your users by adding a "Password" column to your .csv file. This will also prevent the automatic email message from being sent to users.

If a permission is created or altered, all assets in the system will be reindexed. Plan to execute configuration changes in off-peak hours since a full reindex may impact performance.


Up next...

Learn about Workflows and Settings.


BEFORE YOU IMPORT ASSETS

Review your permissions strategy with your Onboarding Specialist and read about File and Data Ingest.