You must have the Organization Administrators role to manage users within an Anypoint Platform organization. To manage user permissions for your API version, you must have API Version Owner permissions.
As an administrator of your organization, or of one of its business groups, you can enable, disable, or delete users. Access this menu by first making sure that the correct business group is selected in the top-right of the screen next to your user name, then clicking the gear icon next to it, and then picking the Users link in the left menu.
By ticking the checkbox next to a user, additional options related to that user are displayed:
Enable: Enables the user in the selected Organization / Business Group.
Disable: Disables the user in the selected Organization / Business Group. They will no longer be able to login.
Delete: When deleting from the top level Organization, all of the user’s roles/permissions are removed and the user becomes unattached. When deleting from a business group, all of the user’s roles/permissions for only the selected business group are removed.
This feature is not available in Anypoint Platform Private Cloud Edition.
When running Anypoint Platform Private Cloud Edition, you need to configure user management methods such as SSO through a third-party IdP or LDAP.
As an organization administrator, or of one of its business groups, you can invite new users and manage existing users for your organization on the Access Management Administration page, which you can reach by selecting the Users option in your Access Management section.
To invite new users to your organization:
Click Users in the left navigation bar.
Click Invite user.
Enter the email addresses of who you want to invite in your organization as a comma-separated list.
Optionally, select one or more roles to which to assign these users.
Click Send Invitation.
The users who you invite receive email invitations to sign up to your organization. Invited users must use the link they receive in the invitation email to join your organization. When they click through the link they are presented with a sign-up form that already has the Company field completed, matching your organization.
Note that the email link expires in one week.
Invited users have access to the same set of resources as you (although they may have different roles that can restrict what they can view or do).
Click Pending Invites to view all invitations that have not yet been accepted. Select the ones you need to manage, and click Re-send Invite or Cancel Invite.
Click a user name to access more information about that user, add roles and permissions to it, or reset its password.
By default, in every new organization and business group, you get three options:
Assign API Permissions: Write the name of the API you want to give access to, then pick a version and permission.
Assign Runtime Manager Permissions: Write the name of the Runtime Manager environment to give access to, then pick a permission.
Assign Roles: Write the name of the role to grant. Check the roles section for a description of the default roles within an organization and business group.
Roles and permissions are grouped under organizations (and also, optionally, under business groups). This means that you can only assign roles and permissions that are related to resources that exist in the organization and/or business group that you are selecting.
If necessary, you can also remove user permissions, but keep in mind that if users have been granted their permission through an assigned role, you cannot view or remove those role-based permissions here—you must do it using the Roles section.
When you make an API portal public, users from any other Anypoint Platform organization can register client applications to call your API. When these users sign into your public developer portal, they are considered external users because they are outside of your organization.
When a user logs into Anypoint Platform for the first time, they are automatically added to the External Users tab. From the External Users tab in Access management, you can view a list of all external users. You can also enable or disable each of these external users from this screen. When you disable an external user, they can no longer sign into your public portal.
You cannot search for external users in other parts of Anypoint Platform because these users do not belong to your organization and do not have additional permissions. To grant users permission to perform tasks like deploying an application, you must invite the user to join your organization.