Manage User Accounts and Permissions

As a Site Manager, you can grant access to others to help edit and manage your site.  These users must have a valid Basic or Full SUNet ID.

Managing access to your site is an important part of your stewardship of Stanford's information. It is your responsibility to ensure that only required users have access to edit the site.

If you have questions regarding site editor access, please submit a help request.

Reasons for adding new users

• You want to share ownership of the site
• You are leaving and need to pass the site to a new owner
• You want to allow edit access for additional site editors, copywriters, collaborators, etc
• You want to allow stakeholders access to view unpublished pages

Note: For Stanford Sites Intranet, adding a user is not the primary method for granting access.

Add an individual new user and grant permissions

Skip this step if the user has previously logged into your site and see the instructions below for managing user permissions.

If you wish to add a group of people, consider using a Stanford workgroup. See our guide on managing permissions using a workgroup.

1. Navigate to Users > Add User: 

1. Click on + Add a SUNetID User. This will take you to Add SAML User form.
2. Fill in the SUNetID field only.
3. To grant permissions, select one or more of the options under Roles.
4. Click on Add SUNetID User.
5. Unclick Notify user of new account. This functionality is not used and may cause confusion.

A message will display at the top of the page if you have successfully created the SSO account.

Manage user permissions or "roles" for an existing user

Site Managers have permission to assign site manager, site editor, or contributor roles to existing users.

1. Navigate to Users from the admin toolbar: [your site url]/admin/users

1. Locate the user who needs updated permissions.
2. In the operations column, click Edit to update the user account:

1. On the Edit page, scroll down to the Roles section. Check the preferred role for the user account:

1. Click Save.

You should be returned to the User page and be greeted with a message saying that the changes have been saved.

Remove editing access

When a user's SUNet ID is deactivated, they will automatically be unable to log into your site. You may want to change access for a user who has changed roles or moved to another part of the university.

You can change user access in a number of ways. The recommended method is to remove their editor roles (Site Manager, Site Editor, Contributor.) You can do this by following the same instructions for adding access as listed above and unchecking any roles you no longer wish them to have.

Other options for removing access

• It is possible to stop someone from logging in by blocking their account. On the User edit page under Status click Blocked and then Save
• Canceling a user account. Drupal gives the option to cancel the User account. This should not be necessary. If you decide to take this step, please use extreme caution. It is possible to delete site content this way unless you use the default option. We recommend the option to Disable the account and keep its content.

Important note

Granting access to an Intranet uses a different approach. A new guide is forthcoming.

Troubleshooting

Error occurs when using [your site URL]/admin/config/people/simplesamlphp_auth/add-user link and will display an "Access Denied" error. 

Please use the following link instead: [your site URL]/admin/users/create/saml.

I logged into our site to check on our users list, and I noticed several users listed as "Stanford Staff". Can I find out who added them and how this happened?

Those listed as "Stanford Staff" are users who clicked on the Web Login button. They get the role "Stanford Staff" because that information comes along with all SUNet logins (Faculty, Staff, Student). Those roles do not come with any permissions at all, and there is no effect when they log in. It is nothing to worry about! You can also make the Web Login link smaller by making a manual link in one of the footer sections, or remove it entirely and just bookmark [your site].stanford.edu/user to log in.