User Name

A string of characters that uniquely identifies this person. This can be an email address. It is not case sensitive.

Password

An encrypted field that can be edited from within MinistryPlatform or by the user. Once added, the value cannot be recovered. When editing, note that changes are saved. The password field always shows eight dots for security.

Admin

When Yes, this user is able to run specific reports and tools that are not available to most users. This does not enable use of any applications using the API or provide any page/sub page rights.

Contact

The Contact record containing the name, contact information and other vital details about this user. Each User record should have a unique Contact record. This is the required Foreign Key linking the User record to the Contact record.

Supervisor

The User record of the person to whom this user reports. This may be used by workflow Processes and Process Steps to gain the supervisor's approval when this user adds records to various pages in MinistryPlatform.

User GUID

A string of characters that become a secondary unique identifier for this user. This is generated automatically and used by certain applications that identify this user.

Can Impersonate

When True, indicates this user is allowed to impersonate users in the Platform. This ability should be limited to highly trusted and trained staff members.

Time Zone

The time zone or "standard time" of the user affecting the date and time displayed. Users can change this setting by clicking their user name in the top right of the Platform.

Locale

The locale or "culture" of the user affecting the formatting of the date, time, and currency displayed. If blank, the system will use the Domain Locale. Users can change this setting by clicking their username in the top right of the Platform.

Setup Admin

Grants access to the System Setup area where Pages, Views, and more are managed. Users with Setup Admin set to Yes will have access to the Reset Auth App button in their User Profile to recycle the app pool after updating Identity Provider configurations.

Login Attempts

The number of attempts the user has made to unsuccessfully login. Once the Max Login Attempts value is reached (as set on the Domain record), the user will be locked out. A locked out user can be unlocked by resetting their password or a SPoC editing this value to be less than the Max Login Attempts value (typically editing the value to zero).

MFA Required

When Yes, users will be required to use Multi-Factor Authentication.

Data Service Permissions

The Data Service Permissions have to do with how the OData API allows users to access data remotely through the API. For almost all users, you can disregard these fields (leave them as false). These permissions should only be given for custom development and/or third-party integration that uses the API.

Delegate Of

Add the permitted contact(s) that the user can send messages on the behalf of. These contact(s) will display in the From drop-down list of the New Message Tool.

Global Filters

Add the permitted Congregation(s) for the user to see only records for that Congregation as configured in the Global Filters. If no Congregations are specified, all Congregations will be available to the user.

Ministries Allowed

Add the permitted Ministry(ies) for the user to see only records for that Ministry on Pages where additional setup was completed to enable this feature. If no Ministry(ies) are specified, all Ministries will be available to the user. This feature is currently only partially implemented. Once fully implemented, more details will be added.