User management

  An administrator role is required. For information, see User roles.

Note: Go to Settings > Tenant. The tenant and user details page opens. To return to the main menu, click next to the Nintex logo.

In the User management page, you can:

  • Configure single sign-on using SAML 2.0 protocol with SAML-supported identity providers. Example: Google Suite, Okta, Active Directory Federation Services and more.
  • Add new users and assign roles. You can also edit and delete existing users from the tenant.

Jump to:

Access the User management page

  1. Go to Settings > Tenant.

  2. Click User management.

Create, edit, and manage user groups

Create new groups of users. Permissions of workflows and connections can be assigned to the created groups in order to share the workflows and connections with the members in the group.

  1. Go to Settings > Tenant.

  2. Click User management.

  3. Under the Groups section, click Add new. The Add new section is displayed with fields to create a new group.
  4. Type a Name for the group.
  5. Type a Description for the group.
  6. Select one or more owners from the Owner(s) drop-down list.
  7. Select the members you want to add to the group from the Member(s) drop-down list.
  8. Click Add. The group is created and displayed in the Groups section.

After the group is created, you can assign the permissions of workflows and connections to the group. For instructions, see Assign User and Owner permissions to connections and Workflow permissions.

  1. Go to Settings > Tenant.

  2. Click User management.

  3. In the Groups section, on the right of the group you want to edit, click and then select Edit.

  4. Edit the fields as required and click Update.

  1. Go to Settings > Tenant.

  2. Click User management.

  3. In the Groups section, open the Member(s) drop-down to view group members.

Add, edit, and remove tenant users

Note: Only users with email addresses from organization domain(s) can be added to your Nintex Workflow tenant.

  1. Go to Settings > Tenant.

  2. Click User management.

  3. In the Users section, click Add user.

    Additional fields appear.

  4. Type the Email address of the user you want to add to the tenant. The email address must match the organization domain(s). For example, if the domain configured is Nintex.com, the email address must be user@nintex.com.

  5. Type the First name and Last name of the user.

  6. Select the role to assign to the user from the Roles drop-down.

  7. Click Add.

    The new user is added to the list of users on the page.

    The added user receives an invitation email message to create a Nintex password. This password link expires in five days. If the link is expired, the added user can request a new link from Support or click Forgot password? on the login page and create a password through the reset password process.

Note: 

  • Global administrators and Automation administrators cannot change their own user role. 

  • Global administrator roles cannot be assigned to guest users.

  1. Go to Settings > Tenant.

  2. Click User management.

  3. On the right of the row for the user you want to edit, click and then select Edit.

  4. Select the role to assign to the user from the Role drop-down and then click Submit.

Important: When a user is deleted, the user's session will be terminated and any unsaved work will be lost.

  1. Go to Settings > Tenant.

  2. Click User management.

  3. On the right of the row for the user you want to edit, click and then select Delete.

User roles

Nintex Workflow users can be assigned one of the following user roles:

  • Participant: Permissions to view and submit forms, and view and manage their tasks in Nintex Workflow tenant via the Nintex Mobile app and the My Nintex > Forms page. Tasks with authentication enabled will require assignees to have Participant access.
  • Designer: Permissions to create and manage workflows and view tasks for the workflows they own. Includes permissions of the Participant role.
  • Developer: Permissions to create and manage custom connectors, Xtensions and Form plugins. For instructions on creating custom connectors, and Xtensions see Nintex Xtensions SDK. For instructions on creating Form plugins see, Form plugins SDK. Includes permissions of the Designer role and Participant role.
  • Automation administrator: Permissions to access all the Nintex Workflow tenant pages, which includes My Nintex, Workflows, and Settings. Automation administrators can override all tasks for all workflows. They can add users, but are not able to assign the Global administrator role. Automation administrators cannot configure Identity federation. Includes permissions of the Developer role, Designer role, and Participant role.
  • Global administrator: All permissions in Nintex Workflow, including configuring Identity federation, and can assign Global administrator role to other users. Includes permissions of the Automation administrator role, Developer role, Designer role, and Participant role.

    The Global administrator role is assigned automatically to the first person to request a Nintex Workflow tenant.

  • Organization admin: Permissions to manage the organization portal, including identity federation (Single Sign On), domain management, and SCIM. Organization admins can view all users in the organization and manage organization settings but do not have access to tenant specific design or automation capabilities unless granted separately.

For information about workflow owner and business owner permissions for workflows, see Workflow permissions.

Permissions

The table below shows the permissions for each user role:

 

Participant

Designer

Developer

Automation

administrator

Global

administrator

 Organization admin

Nintex Mobile app

            

Complete tasks

N/A

Submit forms

N/A
My Nintex            
Complete tasks **

N/A
Submit forms

N/A

Workflows

 

 

 

 

 

  

Create and modify workflows

N/A
Assign Workflow owner and Business owner permissions * With Workflow owner permissions : With Workflow owner permissions : N/A

Create connections

Depends on Connection settings

Depends on Connection settings

N/A
Assign connection permissions Depends on Connection settings Depends on Connection settings N/A

Access Xtensions framework

N/A
View workflow instances* N/A
View tasks* N/A
Override tasks N/A
Settings            
Domain management
Configure identity federation
Add and manage users
Add and manage groups

Assign Global administrator role to users

View and manage tokens
Assign Organization admin role to users
Important: 

*If the user has business owner permission for a workflow, they are able to view instance details and tasks for that workflow from Workflow tracking in My Nintex, despite their assigned role in User management. For information about applying permissions for workflows, see Workflow permissions.

**If the user has business owner permission for a workflow, they are able to delegate and override tasks depending on My Nintex Business owner settings.

Section

 Selection (or column or field) Description

Identity federation

Configure

Opens prompts in a new window for configuring identity federation to create a single sign-on experience. This selection is available only when no identity federation is configured yet.

For the steps on configuring identity federation, see the following links:
 

Provider

The protocol or method which enabled single sign-on for your Nintex Workflow tenant:

  • Azure Active Directory: Users can single sign-on to Nintex Workflow using their Azure Active Directory accounts.
  • SAML: Users can single sign-on using the credentials verified by their identity provider such as Okta, Active Directory Federation Services (ADFS), Google Suite, and more.

    • For more information on SAML, see Frequently asked questions: Single Sign-on with SAML protocol.

 

Domains

The domains that are federated for single sign-on with the Nintex Workflow tenant.

Example: YourDomain.com, YourCompany.com.

 

Configured by

Tenancy user name of person who configured the provider.

 

Date configured

Date and time on when the provider was configured.

  Options ()

 This feature requires the user to be a Global administrator and a verified primary domain owner.

Lists the following selections:

  • Update: Option to navigate to the Identity federation setup wizard. For more information see User management.
  • Delete: Removes the selected identity federation from the Nintex Workflow tenant or tenants.
  • Upgrade: Upgrades the selected identity federation on the Nintex Workflow tenant or tenants.
Identity federation settings Enable auto-acceleration

  This feature requires the user to be a Global administrator and a verified primary domain owner.

This setting is enabled by default for new tenants.

  • If enabled: After establishing a Single sign-on connection, you will sign into the Nintex Workflow tenant and the Nintex Workflow sign-in screen will not be displayed. You may or may not see the identity federation provider sign-in screen, depending on your identity federation provider configuration.

  • If disabled: For every login, you will need to sign into the Nintex Workflow tenant. You may or may not see the identity federation provider sign-in screen, depending on your identity federation provider configuration.
  Send welcome email to new participant role users

This feature requires the user to be a Global administrator and a verified primary domain owner.

This setting is off by default.

Users

Add new

Displays the Add user section with the following fields:

  • Email: Email address for the new user. Maximum number of characters: 255.

    Email addresses for users added to the tenancy must match the organization domain(s) of the tenant. The initial domain of the organization is the email address used by the person who requested the Nintex Workflow tenancy. You can add more domains in the Domain management page later.

    For example, if John Smith requested the tenancy using the email address jsmith@mycompany.com, then the email addresses entered for new users are validated for the mycompany.com domain.

    For more information on adding domains, see Domain management.

  • First name: First name of the new user; automatically populated if the email address is already registered with Nintex. Maximum number of characters: 30.
  • Last name: Last name of the new user; automatically populated if the email address is already registered with Nintex. Maximum number of characters: 30.
  • Roles: Lists the roles to assign to users. To add a role, select from the drop-down list. Roles are defined below.

When you click Add, an invitation email message is sent to the new user to create a Nintex password. This password link expires in five days. If the link is expired, the added user can request a new link from Support or click Forgot password? on the login page and create a password through the reset password process.

 

Email

Email address of the user.

 

First name

First name of the user.

 

Last name

Last name of the user.

 

Roles

Roles assigned to the user:

For more information about role permissions, see Permissions.

  • Participant: Permissions to view and submit forms, and view and manage their tasks in Nintex Workflow tenant via the Nintex Mobile app and the My Nintex > Forms page. Tasks with authentication enabled will require assignees to have Participant access.
  • Designer: Permissions to create and manage workflows and view tasks for the workflows they own. Includes permissions of the Participant role.
  • Developer: Permissions to create and manage custom connectors, Xtensions and Form plugins. For instructions on creating custom connectors, and Xtensions see Nintex Xtensions SDK. For instructions on creating Form plugins see, Form plugins SDK. Includes permissions of the Designer role and Participant role.
  • Automation administrator: Permissions to access all the Nintex Workflow tenant pages, which includes My Nintex, Workflows, and Settings. Automation administrators can override all tasks for all workflows. They can add users, but are not able to assign the Global administrator role. Automation administrators cannot configure Identity federation. Includes permissions of the Developer role, Designer role, and Participant role.
  • Global administrator: All permissions in Nintex Workflow, including configuring Identity federation, and can assign Global administrator role to other users. Includes permissions of the Automation administrator role, Developer role, Designer role, and Participant role.

    The Global administrator role is assigned automatically to the first person to request a Nintex Workflow tenant.

  • Organization admin: Permissions to manage the organization portal, including identity federation (Single Sign On), domain management, and SCIM. Organization admins can view all users in the organization and manage organization settings but do not have access to tenant specific design or automation capabilities unless granted separately.

 

Options ()

Lists the following selections:

  • Edit: Lists roles. To add a role, select from the drop-down list.
  • Delete: Deletes the user from the Nintex Workflow tenancy.
Groups Add new

Displays the Add new section with the following fields to enter details and create a new user group:

  • Name: Name for the group.
  • Description: Description about the group.
  • Owners(s): Drop-down list to select one or more owners for the group.
  • Member(s): Drop-down list to select one or more members for the group.
  • Add: Button to add the group after entering details in the given fields.
Name Name of the group.
Description Description of the group.
Owner(s) The owner or owners assigned for the group. Open the drop-down to see the names of the owners.
Member(s) The members assigned for the group. Open the drop-down to see the names of the members in the group.
Options ()

Opens a list with the following options:

  • Edit: Opens the Edit section to edit details of the selected group.
  • Delete: Deletes the selected group.