Creating User Accounts

  • Updated on Jul 8, 2025
  • Published on Jan 2, 2025
  • 2 minute(s) read
Prev Next

A user account can be created via the Administration Web Interface by doing one of the following:

  • Importing users from a file, either single records or in bulk.
  • Manually creating user records using Create User in the Administration Web Interface.
  • Dynamically during the authentication process (using Dynamic User Registration (DUR)).
  • Via LDAP synchronization. User information on OneSpan Authentication Server Appliance can be synchronized with external LDAP databases by using the LDAP Synchronization Tool. For more information, refer to the LDAP Synchronization Tool Administrator Guide.

Creating user accounts manually

User accounts can be created manually by the system administrator. The user account specifies the following attributes:

  • User ID, domain, and an optional organizational unit (see Organizational structure)
  • Static password (optional)
  • Local and back-end authentication settings
  • Account status (enabled, locked)

Importing user records

You can import user accounts in bulk to the database from a user import file, i.e. a comma-separated text file (CSV) via the User/Import page of the Administration Web Interface.

For more information, refer to the OneSpan Authentication Server Appliance Administrator Reference, Section "Importing user records".

Creating user accounts using Dynamic User Registration (DUR)

When OneSpan Authentication Server Appliance receives an authentication request for a user without a user account, it can verify the credentials with the back-end server (e.g. RADIUS). If back-end authentication is successful, OneSpan Authentication Server Appliance can create a user account automatically for the user. This process is called Dynamic User Registration (DUR) and can be enabled via policy settings.

Dynamic User Registration (DUR)

Dynamic User Registration (DUR) allows to create a new user account automatically when the user credentials are validated using back-end authentication. The correct static password is sufficient to create a new user account.

DUR is commonly used together with auto-assignment (see auto-assignment (Overview)). With these two features enabled, new user accounts are immediately assigned to an authenticator.

For more information about Dynamic User Registration, see Dynamic User Registration (DUR).

DUR user information synchronization

DUR user information synchronization allows OneSpan Authentication Server Appliance to retrieve user information when a user account is created using DUR with an LDAP back-end server. This is achieved by synchronizing the data from the LDAP back-end server to the respective user account data fields. The user information that can be retrieved includes the user display name and contact data, such as the mobile phone number and the email address. The LDAP attributes used to query the respective user information are configurable.

By default, DUR user information synchronization is disabled. To enable and configure it, you need to change the applicable policy accordingly.

Creating user accounts using LDAP user synchronization

LDAP user synchronization supports automatic creation and updating of user accounts on the OneSpan Authentication Server Appliance from records stored on one or more LDAP servers. Synchronization needs to be configured in the Configuration Tool, by defining a synchronization profile for your specific LDAP server(s).

For more information, see LDAP user synchronization.