Vault Admins are responsible for creating and managing users in Vault Basics. You can perform all of the user administration functionality from the Admin > Users & Groups tab.
Security Profiles & Licenses
You can provide users access to Vault based on their role at your organization using security profiles and licenses.
Security profiles define what each user can do in the system based on their role. License types and application licenses work in conjunction with security profiles to provide users access to the tools and information relevant to their role.
The table below details the security profiles and the possible license types for each security profile. See the Security Profiles, License Types, and Application Licenses sections for more details.
Security Profile | License Type | Required Application License | Optional Application License |
---|---|---|---|
Vault Admin | Full User | Submissions Full User | Submissions Archive Full User |
Submission Manager | Full User | Submissions Full User | Submissions Archive Full User |
Document Manager | Full User | Submissions Full User | Submissions Archive Full User |
Read-Only User | Submissions Read-Only User | Not available |
Security Profiles
The following security profiles are available for each Vault RIM Basics user:
- Vault Admin: This security profile provides Vault administrators access to all of the tools and information needed to create and manage your organization’s users, product families, products, and other core data.
- Submission Manager: This security profile provides submission managers access to all of the tools and information needed to create and manage applications, submissions, content plans, and documents throughout their entire lifecycles.
- Document Manager: This security profile provides document managers access to all of the tools and information needed to create and manage documents throughout the document lifecycle.
License Types
The following license types are available for each Vault RIM Basics user:
- Full User: This license type provides users access to all functionality and information allowed by their security profile.
- Read-Only User: This license type provides users read-only access to the information stored in your Vault. Only the Document Manager security profile can have read-only access.
Application Licenses
The following application licenses are available for each Vault RIM Basics user depending on their role in your organization:
- RIM: Submissions Full User: This application license provides users access to all functionality except viewing and importing previously published submissions using Submissions Archive.
- RIM: Submissions Archive Full User: This application license is an optional add-on to the Submissions Full User license that allows users to view and import previously published submissions in Submissions Archive. This application license requires users to also have a RIM: Submissions Full User application license.
- RIM: Submissions Read-Only User: This application license provides users read-only access to the Submissions information stored in your Vault. Only the Document Manager security profile can use this application license type.
Creating Users
When you create a new Vault RIM Basics user for your organization, you can select the user’s security profile, license type, and application license types.
If a user record for one of your users already exists in one of your other domains, such as Vault Clinical Basics or Vault Quality Basics, you can select that existing user to automatically populate some of the user’s information.
Vault requires all new users not using SSO (Single Sign-On) to update their password the first time they log in.
Creating New Domain Users
Complete the following steps to create a new domain user:
- Navigate to the Admin > Users & Groups tab and click Create.
- On the Create User page, select Create Domain User from the Domain User drop-down.
- In the Create Domain User dialog, enter the user’s First Name, Last Name, User Name, and Email.
- Optional: Click Edit in the Image field, upload an image to use for the user’s profile, and click OK.
- Select a Language and Locale for the user. These options control localization options for the user, such as number and date formats and label language.
- Select a Timezone for the user. Vault stores time and date information in UTC (Coordinated Universal Time) but displays that information to users in their local time zones.
- Click Save. Vault fills out the Domain User and General Info sections based on the information you entered.
- Select the user’s Security Profile based on their role in your organization.
- Select the user’s License Type required for their security profile.
- If your organization uses SSO, enter the user’s Federated ID to associate the user record with the user ID used for SSO.
- Select the User Account Activation date if you want the account to become active at a later date.
- Check the Send Welcome Email on Activation Date checkbox if you want the user to receive a welcome email.
- In the Application Licensing section, select the appropriate RIM: Submissions and RIM: Submissions Archive application licenses.
- Enter any optional information as needed.
- Click Save. New users are active immediately unless you select a later activation date.
Creating Users for Existing Domain Users
Complete the following steps to create a domain user for a user that already exists in another domain:
- Navigate to the Admin > Users & Groups tab and click Create.
- On the Create User page, search for and select the existing domain user from the Domain User drop-down. Vault fills out the General Info section with the user’s information.
- Select the user’s Security Profile based on their role in your organization.
- Select the user’s License Type required for their security profile.
- Select the User Account Activation date if you want the account to become active at a later date
- Check the Send Welcome Email on Activation Date checkbox if you want the user to receive a welcome email.
- In the Application Licensing section, select the appropriate RIM: Submissions and RIM: Submissions Archive application licenses.
- Enter any optional information as needed.
- Click Save. New users are active immediately unless you select a later activation date.
Creating Cross-Domain Users
Cross-domain users can log in to any Vault they have access to using their existing home domain login credentials or using SSO if it is enabled for your organization.
Complete the following steps to create a new cross-domain user for Vault RIM Basics:
- Navigate to the Admin > Users & Groups tab and select Create Cross Domain User from the All Actions menu.
- In the Create Cross Domain User dialog, enter the full User Name of the existing user.
- Select a Security Profile and License Type.
- Click Save to save the cross-domain user information. Vault automatically populates the remaining required profile fields based on the existing user information from the home domain.
Registering VeevaID Users
Complete the following steps to register a VeevaID user:
- Navigate to the Admin > Users & Groups tab and select Register VeevaID User from the All Actions menu.
- In the Register VeevaID User dialog, enter the user’s email address.
- Click Invite User to VeevaID.
- Enter the user’s First Name and Last Name.
- Select the Language, Locale, and Timezone.
- Select the License Type and Security Profile.
- Click Send Invite. Vault sends an email to the user to complete the registration process. You will receive an email notification when the user has completed their registration.
Editing User Information
To edit a user’s information, open the user record from the Admin > Users & Groups tab and click Edit. Edit the information as needed and click Save to save the changes. See Creating New Domain Users for more information about the fields available on a user’s profile.
The following circumstances apply when editing a user’s record:
- When you update information for cross-domain users, Vault syncs the changes across domains.
- You can update the User Name field, but you cannot edit the domain to which the user belongs.
Deactivating & Reactivating Users
If a user leaves your organization and no longer needs to be active in the system, Vault Admins can fully deactivate the user.
Complete the following steps to deactivate or reactivate a user:
- From the Admin > Users & Groups tab, open the user record that you want to deactivate.
- From the Workflow Actions menu, select Change State to Inactive.
- Select Yes to confirm that you want to deactivate the user.
- If you need to reactivate the user, select Make User Active from the Workflow Actions menu.
- Select Yes to confirm that you want to reactivate the user.
Managing Delegates
You can designate vault users as delegates who can perform Vault responsibilities on another user’s behalf on a temporary or ongoing basis. Vault tracks and logs activities performed by delegate users to meet compliance standards. Delegates can easily switch between their own account and other accounts they have been delegated access to.
Adding Delegates
Complete the following steps to add a delegate to a user:
- Navigate to the Admin > Users & Groups tab.
- Select Active Delegations from the Users & Groups pane on the left. Vault displays all active delegations.
- On the Active Delegations page, click Create.
- In the Add Delegates dialog, search for and select the User Name you want to add delegates to.
- Search for and select the Delegates you want to delegate access to. You can add a maximum of 25 users as delegates.
- Enter a Start Date and an End Date to add a time frame during which the delegated users can access the account. Alternatively, select Never to add a permanent delegate without an end date.
- Click Grant Access. Vault emails the delegates with information about the delegated access.
Editing Delegate Access
Complete the following steps to edit delegate access:
- Navigate to the Admin > Users & Groups tab.
- Select Active Delegations from the Users & Groups pane on the left. Vault displays all active delegations.
- Select Edit from the Actions menu to the right of the user name in the Name column.
- In the Edit Delegate dialog, update the necessary information and click Update. Vault saves the updated delegation.
Revoking Delegate Access
Complete the following steps to revoke delegate access:
- Navigate to the Admin > Users & Groups tab.
- Select Active Delegations from the Users & Groups pane on the left. Vault displays all active delegations.
- To revoke delegate access, select Revoke Access from the Actions menu to the right of the user name in the Name column. Vault removes the delegation and emails the delegate to inform them that their delegate access has been revoked.