DocsAPI

4. Grant User Access

Add users to platform, set access and permissions

OverviewCopied!

Users access the VPN using the Remote Access Client (RAC), an on-demand VPN client that can run on Windows, Mac, Linux, iPhone, and Android. Users can authenticate via Basic Auth or OAuth, and can be segmented into groups to separate access. 

Setting up user access consists of three steps:

  1. Add Users

  2. Set User Permissions

  3. Access the VPN

All User Management takes place from the User Management tab in your dashboard, so head there to follow along.

Add UsersCopied!

Users can be Created, Invited, or can Sign-Up (Pending Users).

For all these options, it is important to know the basic Access Level you want to assign:

Admin: Has access to all resources on the platform 

Platform User: Will have access to specified resources on the platform

Service User: Will only have the ability to use the VPN via Remote Access Client (cannot log into the platform).

For this guide we are assuming you are configuring Service Users.

Create Users (basic auth)

Click on “Add a User” > “Create a User” under User Management to create a new Basic Auth user. Set a username, password, and specify the access level.

Invite Users (email, oauth)

Click on “Add a User” > “Invite Users” under User Management to invite new users by email. If OAuth is configured (or using SaaS) this should be a compatible email domain.

User Sign Up (On-Prem Only)

If using On-Prem Netmaker, you can have new users request access via [your netmaker dashboard url]/signup (e.x.: dashboard.example.com/signup). Once users have signed up, they will appear under “Pending Users” in your User Management dashboard.

You can then approve these users and set their access level under the Pending Users of your dashboard.

Groups

Groups are simple groupings of users and Network Roles. Some default groups are created which you can assign users to, or you can create your own.

Here we have a user group which will give access to a specific gateway on the “customer-a” network, and will give access to all gateways on the “oss-europe” network. You can click “Add user” to add users to the group.

Access the VPNCopied!

Once users are added to the platform and permissions configured, they can download and install the RAC (Remote Access Client) and log in to access the network.

Install the RAC

To install the Remote Access Client, users should download the platform-specific installer at https://www.netmaker.io/download. They should then follow the platform-specific instructions to install the client.

Logging In

Server: Users will need to know the Tenant ID for SaaS Netmaker instances, or API URL for On-Prem: 

  • Tenant ID: Can be found under Manage Tenant -> Settings

  • Netmaker API URL: api.<your netmaker base domain>

Users will then login via Basic Auth or OAuth depending on how they were added:

  • Basic Authentication: Enter Username and Password, click Log In

  • OAuth: Click the “Login with OAuth” button and then go through the provider’s login process.

Connect to VPN

Upon successful login, the user will see the gateways for which they have access.

Press the “Connect” button to connect to a specific gateway and access the network.

Press the “Disconnect” button, to disconnect, or the Refresh icon to refresh a connection.