New: Try our AI‑powered Search (Ctrl + K) — Read more

Managing User Accounts

  • Updated on Mar 20, 2026
  • Published on Jul 8, 2021
  • 8 minute(s) read
Prev Next

Access to the Sensor Management web user interface and web services is controlled by means of user accounts and user roles. System administrators manage user accounts and must assign a user role to each account. Each role has a predefined set of permissions.

Note: Default passwords at the application level are not permitted beyond the installation phase. Authentication requires unique credentials, either created by the customer or generated randomly upon request. Users must change their passwords immediately following a fresh system installation, enforcing a first-time password change requirement to ensure secure access.

Viewing User Accounts

Administrators can view and manage web user accounts in the Admin ▶ Users page. This page displays a list of all users with access to the Sensor Management web interface.

Users page
25.07_Managing User Accounts_1.png

The following table explains the information displayed for each account in the Users page.

User Account Information (Admin ▶ Users)

Parameter Description
Name User name associated with the account.
Type User roles assigned to the user account. Each user role has a predefined set of permissions. These roles are called "Local roles" because they are defined in Sensor Management. A Sensor Management user can have multiple roles. For example, this is necessary for a user that will use the REST API. These are the user roles available for local Sensor Management accounts:
  • ROLE_ADMIN: Has all permissions except for access to the Web Services interface (which requires the ROLE_WS).
  • ROLE_OPERATOR: Has the same permissions as ROLE_ADMIN except for the functions in the Administration page, the Configuration Flow Profiles page, and the Network Partition page.
  • ROLE_VIEWER: Can only view configuration information. Cannot configure anything. Cannot view the Administration page or the Configuration Flow Profiles page.
  • ROLE_FW_MGMT: Can only access the Backup & Restore and Firmware pages.
  • ROLE_WS: Required to use the REST API or the XML Export Interface. Can only connect to Sensor Management via its Web Services (WS) interface. Allows another system, such as an Operations Support System (OSS), to connect directly to Sensor Management. Does not have access to the Sensor Management web user interface.
Lock state Indicates whether or not the user is currently locked out of Sensor Management. Possible values:
  • false: The user is not locked out.
  • true: The user is locked out.

You can unlock a user by double-clicking the user in the list and checking the Unlock user box in the User configuration dialog. For more information about password policy and user lockout,see "Editing Security Settings Related to User Accounts".
User Type Indicates the authentication system in which the user account is defined. Possible value:
  • ZITADEL: A user account that is defined and managed in the Zitadel identity and access management platform.
Last login Indicates the authentication method, Role and IP address that was used the last time the user logged in successfully.
Last login time Timestamp of the user's last successful login.

Adding and Editing User Accounts

System administrators (user accounts with ROLE_ADMIN) can add and edit user accounts for Sensor Management.

To set up a user account

  1. Select Admin ▶ Users to view the list of all user accounts for Sensor Management.

  2. Click the Button_Add_New_User_Account.png button (above the list) to add an account or double-click an existing account to edit it.
    The User configuration dialog is displayed.

  3. Complete or update the user settings as required.

  4. Click Apply.

For more information on specific parameters, see the following table.

User Configuration dialog (Admin ▶ Users)

Parameter Description
Username Name of the user account.
New password The user password. Passwords can be up to 64 characters long. For information about password policies, see: "Editing Security Settings Related to User Accounts"; "About Password Policies".
Confirm password Confirmation of the user password.
Change password at next login Check this box to force users to change their password the next time they log in to Sensor Management.
Unlock user Check this box to unlock the user if they were locked out because of a password policy issue. For more information about password policy, see "Editing Security Settings Related to User Accounts".
Role The role assigned to this user. The following user roles are available:
  • ROLE_ADMIN: Has all permissions except for access to the Web Services interface (which requires the ROLE_WS).
  • ROLE_OPERATOR: Has the same permissions as ROLE_ADMIN except for the functions in the Administration page, the Configuration Flow Profiles page, and the Network Partition page.
  • ROLE_VIEWER: Can only view configuration information. Cannot configure anything. Cannot view the Administration page or the Configuration Flow Profiles page.
  • ROLE_FW_MGMT: Can only access the Backup & Restore and Firmware pages.
  • ROLE_WS: Required to use the REST API or the XML Export Interface. Can only connect to Sensor Management via its Web Services (WS) interface. Allows another system, such as an Operations Support System (OSS), to connect directly to Sensor Management. Does not have access to the Sensor Management web user interface.
Manager Role Note: Not supported in this release.
User type Indicates the type of authentication used to verify a user's credentials when they attempt to log in to the Sensor Management web interface. Possible value:
  • ZITADEL: Authentication is managed through Zitadel’s AAA (Authentication, Authorization, and Accounting) services, providing centralized identity and access management.

Resetting a User Password

System administrators (user accounts with ROLE_ADMIN) can reset the password for a user account.

To reset a user password

  1. Select Admin ▶ Users to view the list of all user accounts defined on Sensor Management.
  2. Double-click the account whose password you want to reset.
    The User configuration dialog for the selected user is displayed.
  3. Enter the new password in the Password and Confirm Password fields.
  4. To force the user to enter a new password the next time they log in, check the Change password at next login checkbox.
  5. Click Apply. The new password is effective immediately.

Deleting a User Account

System administrators (user accounts with ROLE_ADMIN) can delete user accounts for the Sensor Management web interface.

To delete a user account

  1. Select Admin ▶ Users to view the list of all user accounts defined on Sensor Management.
  2. Select the user account that you want to delete.
  3. Click the Button_Remove_Generic.png button (above the list) to remove the account.
  4. Click Ok in the confirmation dialog to delete the account permanently.

Editing Security Settings Related to User Accounts

System administrators (user accounts with ROLE_ADMIN) can configure these security features related to user accounts:

  • Password policy
  • User session timeout
  • User lockout after failed login attempts.

To edit the security settings

  1. Select Admin ▶ Users to view the list of all user accounts defined on Sensor Management.

  2. Select the Button_Gear_Settings.png icon (above the list) to open the Security settings dialog.

  3. Change the settings as required. For more information about the settings, see the table below this procedure.

  4. Click Apply to confirm your settings, then click Close.

Users - Security settings dialog (Admin ▶ Users)
Password policy settings

Setting Description
Maximum changes per day The number of times a user can change their password in one 24-hour period.

Possible values: 1, 2, 3
Password minimum length The password must contain this number of characters or more.

Possible values: 4, 5, 6, 7, 8
Upper and lower case The password must include at least one upper case character and one lower case character.
Digit required The password must contain at least one character that is a digit.
Leading digit The first character in the password must be a number.
Special characters The password must contain at least one of the following special characters:

! " # $ % & ' ( ) * + , - . / {
Require 3 out of 4 types If you check this checkbox, the password that the user enters will have to pass three of the four character policies in order to be accepted:
  • At least one upper case character and one lower case character.
  • First character must be a digit.
  • At least one character is a digit.
  • At least one character must be a special character (listed above in this table).

If you check this box, the checkboxes for the four character policies will become unavailable and any checkboxes that are checked will be ignored.

Uncheck this box if you want to choose among the four character policies by checking and unchecking the checkboxes
Password expiration interval The number of days after which a password expires. When a password expires, the user will be required to enter a new one the next time they attempt to log in.

Session settings

Setting Description
Session timeout interval (min) The timeout for a user logged in to the Sensor Management web interface. If the user does not interact with the system via the web interface for this amount of time, the user will be automatically logged out and prompted to log in again.

The new timeout interval only affects sessions that start after the change is applied. Sessions that started before the change will time out after the old interval.
Webservice session timeout interval (min) The timeout for a user logged in to the Sensor Management REST API. If the web user client does not interact with the system via the API for this amount of time, it will be automatically logged out.

The new timeout interval only affects sessions that start after the change is applied. Sessions that started before the change will time out after the old interval.

User lockout

Setting Description
Lock after (*) attempts Set the number of failed attempts after which a user will be locked out.

The default is 3 attempts.
Permanent Check this box to lock out the user permanently (indefinitely). Even if a user is locked out permanently, an administrator can unlock their account, as explained in "Unlocking a User Account".

To lock the user out temporarily, leave this box unchecked and enter the lockout time in the Lock for field.
Look for The number of hours that the user will be locked out.

The default is 1 hour.

Unlocking a User Account

An administrator can unlock other non-admin users who have been locked out.
To unlock a user account

  1. Select Admin ▶ Users to view the list of all user accounts defined on Sensor Management.
  2. Double-click the user in the list.
    The User configuration dialog for the selected user is displayed.
  3. Check the Unlock user checkbox.
  4. Click the Apply button.
    The user can try logging in again immediately.
  5. Click the Close button to close the dialog.



© 2026 Cisco and/or its affiliates. All rights reserved.

For more information about trademarks, please visit: Cisco trademarks 
For more information about legal terms, please visit: Cisco legal terms
For legal information about Accedian Skylight products, please visit:  Accedian legal terms and trademarks


© 2026 Cisco Privacy Statement Cookies Legal