Views:

Add users not connected with a third-party identity provider in order to allow authentication into Private Access and Internet Access services.

Important
Important
This feature is only available for customers that have updated to the Foundation Services release.
Local User Account Management gives Zero Trust Secure Access administrators the option to authorize user authentication into Internet Access and Private Access services without using a third-party identity provider. Administrators can enable or disable enrolled local user accounts at any time, allowing for controlled web access and connection to internal applications as necessary. Local users may also be assigned to one or more local user groups. As soon as a local user account or group is added, the individual account or group may be included as a target in a secure access rule.
The following table outlines the actions available in the Local User Account Management tab within Identity and Access Management.
Action
Description
Add local user accounts
  • Add individual local user accounts by clicking Add Local User Account and entering the account email and optional description. Accounts can be enabled or disabled after enrollment is complete.
  • Batch add local user accounts by clicking Import and uploading a CSV file no larger than 5 MB containing account emails and descriptions. Imported accounts are enabled by default.
You may add up to 10,000 local user accounts. Account emails can be no longer than 256 characters and descriptions no longer than 512 characters.
Note
Note
Added local user accounts receive an enrollment email requesting email verification and password creation. Verification links expire after 24 hours.
Add local user groups
Click Groups on the side menu to access the local group management screen. Add a new group by clicking Add Group. Enter a unique name and select available local users to add to the group.
Note
Note
  • All local user accounts are automatically added to the default group "All local users." The default group cannot be modified.
  • You must have at least one local user account added in order to access the local user groups screen.
  • The maximum possible number of local groups is 1,000. Group names may be a maximum of 512 characters and descriptions a maximum of 1024 characters.
Delete individual local user accounts
Delete a single local user account by clicking the delete (delete_connector=3fc07446-32b8-4304-a62e-6c9ecc08d84f.jpg) icon.
Delete local user groups
From the local group management screen, delete a single local user group by clicking the delete (delete_connector=3fc07446-32b8-4304-a62e-6c9ecc08d84f.jpg) icon. Delete multiple local user groups by selecting the groups and clicking the Delete button.
View account enrollment status
  • Waiting for enrollment (wait_for_rechability_check=3ac136b1-b643-4b57-95b7-f18fcf10812f.jpg): Email verification and password creation is still pending for the account.
  • Link expired (LinkExpired=e78ab670-ecc2-42fe-9b66-e9c1d5d515ec.JPG: The verification link in the user enrollment email is expired. Resend the email by clicking the send email (sendEmail=282fa4e3-ff92-47ae-92aa-eaf5f90d0b0f.JPG) icon.
Batch enable, disable, or delete accounts
  • Enable, disable, or delete multiple local user accounts by selecting the accounts and clicking the appropriate button.
  • Enable, disable, or delete all local user accounts using the Manage all accounts menu.
A progress bar appears above the table to indicate the status of the current batch action. When the action is complete, the result displays. View error details by clicking View details.
Enable multi-factor authentication (MFA)
Enforce MFA for local user accounts by turning on the Multi-factor authentication setting.
Get the Trend Vision One local user sign-in link
Copy the link for the Trend Vision One sign in page and distribute the link to local users.