There are multiple types of user accounts that can be created in ThreatConnect®, including standard and administrative users, Application Programming Interface (API) users, and TAXII™ users.
Organization Settings: Membership
On the top navigation bar (Figure 1), hover the cursor over the Settings icon and select ORG SETTINGS from the dropdown menu (Figure 2).
The Membership tab of the Organization Settings screen will appear, displaying a table listing all of the users in the Organization (Figure 3). Above the table, the three blue rectangles display how many more users of each type can be added to the Organization.
NOTE: Only a System Administrator can add more users to an Organization.
Creating an API User
- Click the Create API User button on the Membership tab of the Organization Settings screen (Figure 3), and the API User Administration window will appear (Figure 4).
- Fill in the following fields in order to create and configure the API user account:
- First Name: Enter the API user’s first name.
- Last Name: Enter the API user’s last name.
- Include in Observations and False Postives: Check this box to allow data provided by the API user to be included in observation and false-positive counts. See Reporting False Positives for more information.
- Record the Secret Key, as it will not be accessible after the window is closed.
- Click the SAVE button to create the API user account.
Creating a TAXII User
See the “Creating a TAXII User” section of Using the ThreatConnect TAXII Server for information about how to create a TAXII user.
Creating a Standard or Administrative User
- Click the Create User button on the Membership tab of the Organization Settings screen (Figure 3), and the User Administration window will appear (Figure 5).
- Fill in the following required fields in order to create and configure the user account:
- E-Mail: Click in the box to enter an email address, which will also be the name of the user account.
- Password: Click in the box to set the initial user password in this field, which is subject to the ThreatConnect password policy defined within the system settings.
- First Name: Click in the box to enter the user’s first name, which, along with the last name, is what other user accounts see when the user posts within the Organization or in a full-profile Community.
- Last Name: Click in the box to enter the user’s last name, which, along with the first name, is what other user accounts see when the user posts within the Organization or in a full-profile Community.
- Role: Click on the dropdown menu to select one of the following roles: User, Sharing Administrator, or Organization Administrator.
- Log Out After: Click on the dropdown menu to select a time interval upon which a user will be logged out after a corresponding period of inactivity.
- Time Zone: Click on the dropdown menu to select the appropriate time zone.
- Summary Email Time: Click on the dropdown menu to set the time at which a user account will receive daily summary emails of followed items, or other notifications, from ThreatConnect. See Notifications and Following for more information.
- Locked: Click the box if it is checked in order to unlock a user account that has been locked by ThreatConnect.
- Disabled: Click the checkbox to disable a user account in the event that the Administrator wishes to retain log integrity, when the user no longer requires ThreatConnect access.
- Reset Required: Click the checkbox to force a user to change the account password upon next login. This box is checked by default upon account creation, and it is unchecked once the password is changed.
NOTE: When initially creating the account, the Reset Required box cannot be unchecked. To uncheck the box, first create the account and edit it, and then uncheck the setting. This procedure enforces tighter security.
- Send Account Info Email: This box is checked by default upon account creation, causing account information and an initial password to be sent to the email address in the E-Mail field.
- Click the SAVE button to create the user account.