After a tap on the button in the main menu this panel is shown. See Section 4.2, “Menu”.
All non-deleted users are listed alphabetically by default. A different selection and sorting can be entered: see Figure 4.16, “Admin Web App: User - Select and Sort”.
The list can be traversed by tapping one of the buttons at the pager at the top or bottom of the page.
An entry is displayed for each user, with identifying data and some usage statistics. From top to bottom:
The user's role or status (at the top right corner).
An inline pagometer Pie-Chart followed by the user id. The blue color in the chart represents the number of pages printed to SavaPage. The green color represents the number of pages exported to PDF. The red color depicts the pages printed to Proxy Printers.
The user id of an Internal User is shown with an orange color.
The full name and email address.
The period in which user activity was accumulated on the pagometer.
The account balance and the pagometer including the number of jobs and bytes printed to any SavaPage printer.
The size of the user's SafePages home.
Tap the Section 4.4.4, “Edit User”.button to change or delete the user. See
Deleted Users cannot be edited.
The Section 3.8.2, “Transactions” in the User Web App chapter.button brings you to the list of financial transactions on the user's account. For a detailed description of this list see
The rightmost Section 4.4.2, “Download Personal Data”.button opens a pop-up where personal user data can be downloaded. See
Due to Admin Privileges certain buttons might not be visible.
Users can be selected by Group and by entering a part (fragment) of their ID or Email. So entering "son" as ID will select both "jason" and "sonja".
Select the Type, Role and (Deleted) Status. Thebutton will select both.
The list can be sorted Ascending or Descending on ID or Email.
Tap the button to (re)display the list.
A tap on the button resets the selection and sort fields to their default values.
The PDF and CSV buttons downloads the User List in their respective formats, using the selection item values.
The minus icon collapses the Select and Sort section.
This pop-up opens when the rightmost User List.button is pressed in an entry from the
Erased Users have their personal data cleared. Since their ID is empty, an “anonymous” placeholder with date/time of erasure is used for display.
This chapter describes the editable sections of the User entity.
Some data you edit, like the Name, Primary email, Card Number and ID Number might be overwritten by values from the user source during synchronization. See Section 184.108.40.206, “LDAP” and Section 4.10.2, “User Creation”.
The user's full Name can be edited. Remember this name can be overwritten for an external User as a result of user synchronisation. See Section 4.10.2, “User Creation”.
Assign the Administrator role by ticking the checkbox.
Tick thecheckbox to deny the user access to the SavaPage application.
When a User becomes Abstract its SafePages are removed.
User Roles are needed to access certain application objects, as shown in the table below.
Job Ticket Creator
Job Ticket Operator
Print Job Creator
Print Job Delegate
Delegated Print and Users and Groups with role “Print Job Delegator” for Delegated Print.
Print Job Delegator
This is a passive role. Delegators can be accessed by users with role “Print Job Delegate”.
Print Site Operator
Table 4.2. User Roles
Each role is set with a checkbox that has three states:
Checked : The role is enabled.
Unchecked : The role is disabled.
Unchecked and grayed out: The role is indeterminate.
If a User Role is needed to access an application function, SavaPage will check if this role is enabled for the authenticated user.
When the role is indeterminate at the user level, Group Roles are checked of the groups the user belongs to. Added Groups are checked first, then the Built-in Groups, with the “All Users” group as last.
Access is granted if there is at least one group where the role is enabled.
Access is denied when the role is indeterminate or disabled in all groups.
Print Job Creator role is special: an indeterminate state at “All User” top level is interpreted as granted.
The 3-tier group hierarchy (User Groups > Internal/External Users > All Users) is traversed bottom up, to resolve the role of individual Users only. Group hierarchy is not used to resolve roles for User Groups: roles defined at group level are fixed, and are not interpreted in the context of other groups, or individual members.
The Primary email and Other emails addresses are editable and must each be unique: they can be associated to just one User. Multiple emails must be separated by any of the characters space, comma, semicolon, or by carriage return or line feed.
The Card Number and ID Number are editable and must each be unique: they can be associated to just one User.
The ID Number is used as authentication token for Internet Print.
The Card Number must be entered in HEX/LSB format. See Section B.1, “Card Number Format”.
The PIN must be digits only.
The minimum length of ID Number is
contained in configuration key
user.id-number-length-min. The minimum
and maximum length of a PIN are contained
in the configuration keys
user.pin-length-max. A maximum value
0 (zero) indicates the maximum is unspecified.
See Section 220.127.116.11, “Config Editor”
on how to change these values.
The YubiKey Public ID is used for YubiKey Authentication.
Press thebutton to commit the changes and return to the User List.
Thebutton brings you back to the User List without changing anything.
In this section the OpenPGP Public Key ID of the user can be entered. This key will be used to encrypt email send to the user. The Section 11.4, “OpenPGP Settings”.and buttons are shown when the OpenPGP key server URL is configured. They open a tab to the key server, where public keys can be searched and checked (verified). See
The UUID is used as authentication token for Internet Print and RESTful Web Services. It is automatically created when a user successfully logs in for the first time. A new UUID can be created by pushing the button.
Users can replace their own UUID. See Section 3.10.1, “Internet Printer”.
A new value for the user's account Balance results in a financial transaction that corrects the previous account balance. See Section 3.8.2, “Transactions”. The user is notified by a pop-up message in his active User Web App when his balance is adapted.
Set the Credit limit with one of these buttons:
: user has no credit limit, and is not restricted.
: when selected a custom credit limit can be entered.
For an Internal User Password actions are shown.
The User Web App. This gives administrators a means to disable login by user name/password, in favor of other authentication methods.button is shown when a password is set. When pressed, it erases the password and makes itself disappear again. Without an initial password, users cannot reset their password in the
A tap on the Password Reset Dialog. Use this dialog to initially set or change a password.button shows the
Press the next section describes the effect of this action.button to delete the user and return to the User List. The
Thebutton bring you back to the User List without changing anything.
The prefix of ID is contained in the
The minimum length of the Password is
contained in the configuration key
See Section 18.104.22.168, “Config Editor” on how to change these configuration values.
Internal Users can also be added with the Server Command Tool. See Section C.1.2, “addInternalUser”.
Deleting a User makes sense if he is not part of the user source anymore and was not deleted as part of a bulk delete during a manual synchronization. As long as job history or account transactions for a User are present , SavaPage applies a logical delete. Any logical deleted User will be physically deleted from the database when no related job history and account transactions are present anymore. This situation will automatically occur when you enabled automatic backup in combination with the delete of old document and transaction logs.
If SavaPage synchronizes a new User from the user source, a new user instance will be created in the database, despite the fact that a logical deleted User exists with the same identifying name, i.e. the logical delete status of the "identical" user will remain as it is.
SavaPage sets up a dedicated account called
This is the master administrator account, with access to all application
functions, whose password is assigned during configuration. In large
organizations it is likely that the administrator role needs to be granted to
more than one person. One solution is to give all those persons the master
password; however a better approach is to assign the administrator role to the
network user accounts of these individual's. The advantages of this approach
Administrators can access the Admin Web App with their own username and password.
Since most administrative activity is logged in an audit trace, changes can easily be tracked back to an individual.
Access to certain parts of the Admin Web App can be set on User Group level with Admin Privileges.
Administrative users should login via
so that they are directed to the correct interface.
 A universally unique identifier (UUID) is an identifier standard used in software construction. See https://en.wikipedia.org/wiki/Universally_unique_identifier
 When a users does not print on his own, but is printed for via Delegated Print, no job history is present for that user, but (pending) transactions are.