The User Record
- User Name
- A string of characters that uniquely identifies this person. This can be an email address. It is not case sensitive.
- Password
- An encrypted field that you or the User can edit from within MinistryPlatform. Once added, the value cannot be recovered. When editing, note that changes are saved. The password field always shows eight dots for security.
- Admin
- When set to Yes, this User can run specific reports and tools that are not available to most Users. This does not enable use of any applications using the API or provide any page or sub-page rights.
- Contact
- The Contact record containing the name, contact information, and other important details about this User. Each User record should have a unique Contact record. This is the required Foreign Key that links the User record to the Contact record.
- Supervisor
- The User record of the person to whom this User reports. This may be used by workflow Processes and Process Steps to gain the supervisor's approval when this User adds records to various pages in MinistryPlatform.
- User GUID
- A string of characters that become a secondary unique identifier for this User. This is generated automatically and used by certain applications that identify this User.
- Can Impersonate
- When set to Yes, this indicates this user can impersonate users in the Platform. Limit this ability to highly trusted and trained staff members.
- Time Zone
- The time zone or "standard time" of the User that affects the date and time displayed. Users can click their username in the top right of the Platform to change this setting.
- Locale
- The locale or "culture" of the User that affects the formatting of the date, time, and currency displayed. If blank, the system uses the Domain Locale. Users can clicking their username in the top right of the Platform to change this setting.
- Setup Admin
- Grants access to the System Setup area where you can manage Pages, Views, and more. Users with Setup Admin set to Yes have access to the Reset Auth App button in their User Profile to recycle the app pool after they update their Identity Provider configurations.
- Login Attempts
- The number of attempts the User made to unsuccessfully login. Once the User reaches the Max Login Attempts value (as set on the Domain record), they'll be locked out. To unlock a User, they can reset their password or a SPoC can edit this value to be less than the Max Login Attempts value (typically, zero).
- MFA Required
- When set to Yes, Users must use Multi-Factor Authentication.
- Data Service Permissions
- The Data Service Permissions relate to how the OData API allows Users to access data remotely through the API. For almost all Users, you can disregard these fields (leave them as No). You should only give these permissions for custom development and/or a third-party integration that uses the API.
Tabs
- Delegate Of
- Add the permitted Contact(s) that the User can send messages from. These Contact(s) display in the From drop-down list of the New Message Tool.
- Global Filters
- Add the permitted Congregation(s) for the User to see only records for that Congregation as configured in the Global Filters. If you don't specify any Congregations, the User can access all Congregations.
- Ministries Allowed
- Add the permitted Ministry(ies) for the User to see only records for that Ministry on Pages where you enabled this feature. If you don't specify any Ministry(ies), the User can access all Ministries. This feature is currently only partially implemented. Once fully implemented, we'll add more details.