In BlueConic, users are managed in Access Management, where you can:
Add and delete users
Reset passwords
Grant domain-based permissions
Before you begin
Identify whether you use domain-based or role-based permissions.
Configure roles in Access Management if using role-based permissions.
Add users
Go to BlueConic Settings > Access Management.
The Users tab opens with the list of existing users.
Select Add user.
Enter a valid email (e.g., user@domain.com). This serves as the username.
On first login, the user receives a verification code via email. The user must enter it to access BlueConic.
(Optional) Enter the user’s full name. If left blank, their email appears instead.
(Optional) Add a mobile number for password recovery.
Set a password and share it with the user for their first login.
Passwords must contain:
At least 12 characters
At least 1 uppercase letter (A-Z)
At least 1 lowercase letter (a-z)
At least 1 number (0-9)
At least 1 special character (other than digits and letters)
A user cannot reuse their previous three passwords.
Select one or more roles to define the user's access to BlueConic features.
(Optional) Choose the domain(s) where the user has write access:
All Domains: the user has access to all current and future domains
Application Managers always have access to all domains.
Select Domains: The domain(s) that you select for the user restrict their write permissions across BlueConic. Learn more about user permissions here.
Click Save to create the new user.
Send the entered passcode to the user and have them login.
First-time logging in
New user login process:
The user enters their email and password (provided by the Application Manager).
BlueConic emails a unique verification code.
The code expires in 24 hours; a new one is generated if needed.
The user enters the code to complete login.
Manage users
Changing a BlueConic user's password
To reset the password for a user, the Application Manager can:
Click the name of the user from the list.
Enter a new temporary password for the user.
Select Force password change on next login.
Give the user their new one-time password.
Click Save.
Delete users
To delete a user:
Click the name of the user from the list.
Select the drop-down next to Save.
Click Delete
Click Delete to confirm.
Configure inactivity settings
By default, BlueConic user accounts remain active regardless of inactivity. To improve security, tenant administrators can now configure BlueConic to automatically disable user accounts that have been inactive for a set number of days.
From the BlueConic navigation bar, choose Settings > Access management > Inactivity settings.
Customize the Automatic logout setting for BlueConic users at their site to any time between 30 (minimum) and 60 minutes (maximum) of inactivity.
In the Disable inactive accounts section, toggle the setting to On.
Enter the number of days (between 1 and 365) after which an inactive account should be disabled. The default is 90 days.
Click Save.
When enabled, BlueConic will monitor user activity. If a user takes no action within the specified number of days, including logging in, making API requests, or interacting with the platform, their account is disabled automatically.
Note: Only users with permission to manage inactivity settings can update this configuration. By default, this permission is assigned to BlueConic application managers.
FAQ
How do I reset my password with SSO?
If your site uses single sign-on (OneLogin, OKTA, Google G-Suite, etc.) the password reset and password requirements are enforced by your single sign-on provider and not by BlueConic. Contact the BlueConic administrator at your site for more information.
What do I do if my user does not receive a verification code?
Navigate to Access Management > Users
Select the user from the table
Click Generate verification code
Share the verification code with the user
This new verification code is valid for 30 days from the time of generation.