This page shows how to manage and create a new user accounts, and how to test and use them.
In the current version of FBO One (versions later than 43xx), you no longer need to create a User as a Person and then link them to an account. The process is now simplified and this can be done directly via the Administration Page.
Navigating to the user account administration page
1) Navigate to User Administration via a Menu search for "Users" and click on "Users" in the Security Menu.
2) If you have access to multiple locations, it may be best to begin by reducing the list to show users at your location only, or the location for which you are creating the account.
Use the 'FBO Location' box to select the correct location; the list will be filtered to show the chosen location only.
3) At the bottom of the existing User list, select 'Add New'
At this point it is worth noting that there are 2 types of User Accounts available:
- Private User Account – A regular username/password that represents a single individual. The password for the account must remain private to that individual only; he or she is not supposed to share it with colleagues. Private accounts are generally allocated to Management, Admin or Accounting staff that remain at their post and logged into FBO One for the majority of the working day. Also, all users that would access FBO One from their personal mobile device, would need their own private login account.
- Group User Account – This is an account which has multiple users. Each user validates each change they make using their own personal Pass code. This type of account is generally used for teams that work at a shared computer terminal, such as Customer Service Representatives, Ops or Ramp. The access rights can be restricted so that members of these groups only see, for example, the Ops and Ramp screens and are only able to perform front office functions. The advantage of a Group Account is that all group members use a generic login, and any changes they make are validated by their individual Pass Code. This means that should for example, front office Computers be used by multiple users, there is no need for each user to log in/out of FBO One each time they arrive at, or leave a post
Creation of a Private User Account
After having selected ‘Add New’ you can begin to fill out the details of your new user
- Type: Select one of the two options – Group or Private. In this case, you select Private.
- User Name: This is the name that will be used by this User to login to FBO One.
- Full Name: This field is optional and can indicate the users full name should the Username differ from the Users name (e.g. Username: Bob, Full Name: Bob Davis)
- Password: This field only needs to be filled out if the user will be granted access to their own Private account in addition to, or instead of, a group account. The user is supposed to change his or her password after the first time he or she logs in, so that the password is really private. This is How to Update a Password
- Default FBO Location: Select the FBO Location which should appear by default when this user logs in
- Organization for Audit log: For regular users, always select the organization ‘FBO One Users’ here. Even if an organization is defined in FBO One for each FBO Location, all user accounts of in-house users should still be linked - for any of the FBO Locations - to the ‘FBO One Users’ organization. The only user accounts that are linked to organizations other than ‘FBO One Users’, are third party users such as catering companies or operators. This includes robot-users, such as the NetJets Robot and the CFMU Robot user account. The purpose of using this method to link user accounts to organizations is to show a notification in the Operations screen in case an outside user makes a change to an order. See for example the NetJets Link , a yellow ‘new mail’ icon appears in the order list in case there is a new change made my NetJets or EuroControl CFMU. The letter that is shown with the notification, ‘N’ or ‘C’, is taken from the first letter of the organization that is linked to the user account that made the change, so in this case NetJets or CFMU. In short, to prevent notification icons from appearing when an in-house user makes an update in FBO One, ensure their login accounts all belong to the same organization.
- Group Member Passcode: This field is to be filled out only, if this user is intended not only to have a Private Account, but access to a Group account also. This field can be left blank for users who will access their Private account only
- Email Address: This is a mandatory field. It will be used by FBO One if you wish to Grant access to mobile devices for access to FBO One.
- Is read only: Check this box to grant a User read only access. The User will be able to view the areas they have been granted access to, but cannot make any changes
- Display times in UTC: If this box is checked, all timings within this users session will be displayed in UTC - Coordinated Universal Time, unchecked, all times will be local time (LT)
- Is Active: If at any point you wish to retract this users access to FBO One (e.g. the user is no longer part of the company), this box should be unchecked. Typically you cannot completely delete accounts, as they are still referenced by the Audit Log.
When you are finished, select save or, add new to continue creating users
Once saved, your user will be created and appear as shown below; the type of account created (group or private) is indicated by an icon.
The account basis is now created, but the user needs to be granted roles to define their access rights.
Assign User Roles
The User shown above currently has no access rights. Note that to view or edit the roles of a user, you must first click the ‘select’ command to the left of the user account record. The roles assigned to that user will then appear in the list ‘Roles granted to the user account selected above’.
Select the ‘add new’ button (shown above) to begin granting access to FBO One for this user.
Use the drop down menu to select roles for this user, after each selection, click ‘add new’ or ‘save’ when you are done.
Where a Private account is being created for a Group Member who does not require access to FBO One via a Private account, no roles need to be granted. The roles will be defined by the Group Account.
If you are unsure as to what each Role grants a user access to, Search for ‘Authorization’ using the search box on the left. In the below example, in order to access Back Office Administration, a user requires ACC and ADMIN roles
Your User is now created and has been granted access to the Ramp and Ops functions (see below).
Testing by Impersonating the account
To verify you have indeed provided the user with the roles you intended, click ‘Impersonate’ (highlighted in blue to the far right of the User).
This will mimic the Users account so that you can see exactly what your new user will be able to see/do.
To exit the Impersonate mode, Click ‘Switch Back’ as shown below
Creation of a Group User Account and Group Members
Before creating a group user account it is best to ensure that all Users you wish to assign to the Group Account have already been created as Group members using the steps above to create Private accounts; omit the Password and roles to ensure the user can only access the group account they are associated to.
Make sure that for each user you allocate a unique ‘Group member Pass code’. Try to keep these short, like BD for Bob Davis.
To begin creating the Group Account, click ‘Add new’
The following page will be displayed
- Type: Select ‘Group’
- Username: This should be generic for a group accounts e.g. Ops Desk, Ramp Desk
- Full Name: This is an optional field which may better define the group (e.g. Username: Ops – full name: Operations Front Desk Team)
- Password: This password will be used by all group members to login to FBO One
- Default FBO Location: Select the Location which should appear by default when group members log in
- Organization for Audit log: Select FBO One Users as explained in the Private User section above.
- Group Member Passcode: This field should be left blank, as it only applies to the group members and not to the group itself
- Email Address: This is a mandatory field – for a group account use a generic email address like firstname.lastname@example.org
- Is read only: Check this box to grant a User read only access to the group. The Users will be able to view the areas they have been granted access to, but cannot make any changes
- Display times in UTC: If this box is checked, all timings within this groups session will be displayed in UTC, unchecked, all times will be LT
- Is Active: If at any point you wish to retract this group’s access to FBO One this box should be unchecked.
To retract access from a single user within this group, this box should be checked within the User’s Private account, and then the User should be deleted from the group (see below)
Next, select the Roles to be attributed to the group account. In the below example, we are granting Operations staff access to Ops and Ramp functions only. Select ‘Add new’ to begin adding roles. Click ‘Save’ when you are done.
If at any point you need to remove Roles, simply check the box adjacent to the role(s) to be removed, ‘Confirm delete’ then ‘Delete’
Finally, you need to assign Group members to the Group Account.
In the third and bottom section of the page entitled ‘Members of the group account selected above’, click ‘Add new’ and search for the Users you wish to create as members of this group.
Upon each entry, click ‘add new’ to add additional members. When you are done, click ‘Save’ (Remember, each Group member must have a Private account created before being allocated to a Group – see Private account creation method above).
The Group Account is now created and three Group members have been assigned to the Group:
Once the Group account creation is complete, provide all Group Members with the Group login details you have assigned to the Group.
Group members will require the following details to be able to login:
- Group Account Username
- Group Account Password
- The passcode set in their Private Account
NOTE: The password will always be blanked out for security reasons. If you have forgotten the password, enter a new one. This will replace the old one.
Logging In and Operating under a Private or Group User Account
Working with a private account
When a user has been provided with a Private account they should use their Private Login and Password
Because Users are logged into their Private account, they are not required to provide a Pass code to validate each change they make, this will be logged automatically
Upon clicking OK the changes are logged and will be noted in the log and audit report.
Working with a group account
When users have been provided with access to a Group account, they should use the group's username and password to log in:
When working in a group account, the user must validate changes using their individual group member Passcode which will feed the logs.
Note: The passcode field has a default memory of 4mins (see application setting ValidationKeyExpireTime) so that the user will not have to re-enter their passcode for every single change. After 4 mins of absence the passcode is automatically cleared.
In the below example, the log shows the name of the person who has made the change, as well as the name of the Group account the user belongs to and was logged into.
Re-setting a forgotten Password
If a user has forgotten their password this must be reset by an administrator
Go to Administration > Security > Users and search for the user's account.
Select the account, then 'Edit'.
The 'Password' field will be blank. Enter a new password and 'Save'.
Make a note of the username and the new password. The user may now login again and change their password (if this is a private account)