11. User management with EntraID
      Back to home
      1. AskCody Help Center
      2. Implementing AskCody
      3. 11. User management with EntraID

      Setting up User Management

      This article covers the two different ways of managing users in the AskCody Platform and when to invite which users in the implementation process.

      The two steps in the user management process

      1. Inviting the Project team

        As we explained in Step 3 - Inviting your project team, it is important to set the right project team with individual stakeholders when implementing a Platform like AskCody. We started by inviting the project team manually and setting up the integration to EntraID, but we have not yet configured the user groups with AskCody roles, and started the synchronization. If the synchronization of users had started, all the manually added users in the project team would have been overwritten. The users in all the other user groups would have been given access to the AskCody Platform way too early without any notice or a user adoption plan. 

      2. Inviting the rest of the organization to the AskCody Platform

        The next step in the user management process will take place right before the AskCody Platform "Go Live" in your organization. This is where we will invite all users that need access to the AskCody Portal (receptionists/front desk, service staff/hospitality team, facility managers, etc.) and the users that need access to Outlook Add-ins. 

        In the last article, we learned about the AskCody roles and memberships, so if you are ready and know the structure of your user groups and user management based on the role hierarchy, let's get started. 

      • Automatic user management with Entra ID 

        At this point, you might have synchronized one group to AskCody, the project team. This might also be your root group? If you have not already created a root group, consisting of all the users who need access to the AskCody Platform, this is the first thing you need to do.

        1.   All users in the root group

        Create a group in your AD consisting of all users that need access to the AskCody Platform (Web Portal users, Admin Center users, and Add-in users). This should be synchronized as your new root group in the AskCody Azure Portal. It is important that your root group consists of all users since you can't create other user groups with users not available in the root group. 



         
        2.    Define user groups
        Now it is time to define your user groups. Depending on which elements of the AskCody Platform you have set up and the levels of user management and accesses to the platform you need, the user groups you need are based on that information. 



        Most commonly, we see that our customers choose to either replicate the user group structure from their AD into the AskCody Azure Portal or create specific user groups in EntraID for AskCody use only.

      Tip

      We always recommend having one specific AskCody group created in your entraID and in the AskCody Azure Portal, the Owner group. Here you will add all the users in your organization that need to be Owners of the AskCody Platform (The Owner role has access to everything in the Portal). This will make sure you don't synchronize yourself and other owners with the AskCody Portal. 


      Choosing to replicate the structure of your user groups from EntraID       works well for large organizations with a lot of user maintenance because they don't have to remember to add and remove users from separate user groups created specifically for AskCody. Though it takes a little longer to set up in the AskCody Azure Portal, because you will have to replicate all your user groups from EntraID, it will be easier to maintain in the long run. 

      Choosing to create specific user groups for the roles and areas represented in AskCody can sometimes seem easier if you have a complex setup of your EntraID, and creating new groups for the AskCody project can be the right solution. This will then require you to remember putting the new users added to EntraID in the right AskCody user groups as well.

      Recommendations for AskCody specific user groups: 
      (This is just an example representing only some of the roles and layers AskCody provides; read about all the roles here.)

      User Groups

      		 AskCody Roles
      Owners
      The users who should have access
      to the whole Platform      		 Owner role, Add-in user
      Facility Managers Resource Administrator, Dashboard Administrator, Display Administrator, Insights Portal User, Add-in User
      Service teams/Hospitality team Administrators Services Administrator, (Add-in User)
      Service teams/Hospitality team Services Portal Users, (Add-in User)
      Receptionists/Front desk Visitors Administrator, Add-in User
      Secretaries, PAs, meeting coordinators Add-in User, Add-in User Delegated Access, Search Specific Room
      Add-in Users
      Bookings Add-in, Visitors Add-in, Services Add-in      		 Add-in User


      3.   Start the EntraID synchronization
      When you have all your groups relevant for your organization created, it is time to start the synchronization again. To begin with, you paused the sync to edit your root group and created your new user groups.