Located under Settings > Account Settings > User Accounts, the Add User button provides a form for the creation of a new user. Simply provide basic account information and assign appropriate roles.

Add New User Form

The Add User button opens a form containing the following configurable fields:

• User Type - Determines where the login for this account is managed; it cannot be modified once the account is created. See the User Types section below for the list of options.
• Username - The username used to log into Sandfly; it cannot be modified once the account is created.
• Password - The initial password; it can be changed later by the associated user or an admin.
• Full Name - An identifying name for the associated user.
• Email (optional) - An email address for the associated user.
• Roles - Determines the level of access that this account has on the Sandfly server. See the Roles section below for the list of options.

Once all of the necessary fields have been filled in, click the Finish button to submit the form.

User Types

The list of options that can be selected for the User Types field:

• Local - The login process and the password for the account are managed by the Sandfly server.
• SSO - The login process for the account is managed by the Single Sign-On (SSO) service that is configured in the Account Settings section.

Roles

The list of options that can be selected for the Roles field:

• admin - Provides unrestricted access to the Sandfly server.
• user - Provides full access to everything except the following sections:
  • Audit Log (users cannot clear the log)
  • Settings (users can view public options)
• api_result_read - Provides read / GET access to most non-server configuration API calls.¹
• api_scan - Provides API-only access to initiate scans.¹

Refer to the API Endpoint Role Security Matrix for a detailed list of permissions.

¹ - API-only accounts do not provide access to the web interface.