User accounts are managed via the Threat View Identity Management microservice, which contains self-service APIs and the user management database where the administrator credentials are stored.
User management tasks
The Account Owner and User Administrator roles have permission to perform the following user management tasks:
View a list of users and filter / sort the list
View a user and see their assigned roles
Create a new user and specify what roles they are allowed
Update a user and change their assigned roles and scopes
Delete a user
Threat View does not permit users to delete their own account.
Manually lock or unlock a user account, including accounts of other User Administrators
Set and reset passwords for other users
Rescue administrators
Editing details of your own user account
Via My Profile in the left navigation bar of the Threat View Administration Interface, any user who is currently logged in can access their account details. The following details can be edited without requiring specific permissions:
Display name
Email address
Phone number
Threat View does not permit changing your own username and role, or deleting your own user account, regardless of assigned permissions.
User account details
Only Account Owners and User Administrators can access the user account details of all users via the Threat View user management functionality. To access the User management page, click the Users icon in the left navigation bar. On this page, Threat View displays a table with the existing users.
The visibility of data on this page depends on the permissions assigned to you.
The table displays the following user account details:
Username
Unique name identifying the user.
Display name
Freely chosen name of the user, displayed in the Threat View Administration Interface.
Role
User role assigned to the user.
Status
Status of the user account. Possible values: Active or Locked.
This column is not sortable.
Creation date
Date when the user account was created.
Editing user account details
From this table, you can edit user details and lock, unlock, or delete user accounts. The required permissions are read and update, and the menu items for the user management tasks are only visible to users with these permissions.
To edit, lock/unlock, or delete a user account, click the three dots at the end of the row for that user and select the required option.
The following user details can only be updated by users with the corresponding permissions:
Username
Threat View validates the new username to avoid duplicates. If the new username already exists, Threat View denies the change request and displays an error message.
Role
Email address
Phone number
Threat View does not permit changing your own username and role, or deleting your own user account, regardless of assigned permissions.
To edit, manually lock, unlock, or delete a user account, follow these steps:
Log in to the Threat View Administration Interface with an account that has the necessary permissions.
Click Users in the left navigation bar.
Locate the relevant user account in the displayed list.
Click on the three dots at the end of the row for that user and select the required action.
Deleting accounts of other users is final and cannot be undone; the deleted user account cannot be restored.
Input validation during editing
When editing the details of a user account, Threat View opens a form where you can make your updates. This form also includes optional information such as the user’s email address and phone number. While you fill in or edit this form, Threat View lets you preview the information you have entered before you save it, and validates the input, for example, checking whether any required information is missing. Input is validated ad hoc while you fill in the form fields as well as upon clicking Create after filling in the entire form.
Automatic user account locking
Threat View automatically locks user accounts after a number of failed authentication attempts. By default and as a minimum, the number of failed attempts is 3. You can change the default configuration to allow a higher number of failed attempts, but you cannot configure fewer than 3 attempts. If a user fails authentication and gets locked, Threat View will not display any details about the account lock when the user tries to log in again.
Only a User Administrator or Account Owner can unlock the locked user account.
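The locking rules above can be modelled as follows. This is an added example, not Threat View code or its API: the class, method names, and message text are hypothetical, and it assumes that the counter tracks consecutive failures, that the lock is applied on the failure that reaches the threshold, and that a locked account gets the same response as a wrong password.

```python
import hmac

MIN_FAILED_ATTEMPTS = 3  # minimum and default stated on this page
UNLOCK_ROLES = {"Account Owner", "User Administrator"}
GENERIC_FAILURE = "Invalid username or password."  # constructed message text


class LockoutPolicy:
    """Hypothetical model of the automatic locking rules described above."""

    def __init__(self, max_failed_attempts=MIN_FAILED_ATTEMPTS):
        # The threshold may be raised, but never set below the minimum of 3.
        if max_failed_attempts < MIN_FAILED_ATTEMPTS:
            raise ValueError("threshold cannot be less than 3")
        self.max_failed_attempts = max_failed_attempts
        self.secrets = {}   # username -> password (plain text only in this sketch)
        self.failures = {}  # username -> consecutive failed attempts (assumption)
        self.locked = set()

    def add_user(self, username, password):
        self.secrets[username] = password
        self.failures[username] = 0

    def authenticate(self, username, password):
        """Return (ok, message); the message never discloses a lock."""
        expected = self.secrets.get(username)
        if expected is None or username in self.locked:
            # Locked and unknown accounts get the same answer as a bad password.
            return False, GENERIC_FAILURE
        if hmac.compare_digest(expected.encode(), password.encode()):
            self.failures[username] = 0
            return True, "OK"
        self.failures[username] += 1
        if self.failures[username] >= self.max_failed_attempts:
            self.locked.add(username)
        return False, GENERIC_FAILURE

    def unlock(self, actor_role, username):
        # Only a User Administrator or Account Owner can unlock an account.
        if actor_role not in UNLOCK_ROLES:
            raise PermissionError("role may not unlock accounts")
        self.locked.discard(username)
        self.failures[username] = 0
```

Because the login response is identical for locked and unlocked accounts, the lock state should be visible only in the Status column and in server-side logs, which is where an administrator would confirm it before unlocking.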