User Management

Overview #

User Management is the central hub for creating, editing, and managing user accounts across your entire DnXT Suite environment. It provides three tabbed views — Users, User Roles, and User Groups — that together give you complete control over who can access the system, what roles they hold, and how they are organized.

All user accounts created here apply across DnXT Publisher, DnXT Reviewer, and DnXT Administrator. Role and group assignments determine what each user can see and do within each application.

Key Concept: Users are individual accounts. Roles define what permissions a user has. Groups organize users into teams and control resource-level access (which dossiers, submissions, and modules a group can see).

Accessing User Management #

Log in to DnXT Administrator.
Click User Management in the left sidebar.
The User Management view opens with three tabs: Users, User Roles, and User Groups.

Users Tab #

The Users tab displays all user accounts in a searchable, filterable table. An A-Z alphabetical index along the top allows you to quickly jump to users whose names start with a specific letter.

Users Table #

The users table includes the following toolbar actions:

Add — Create a new user account
Export — Download the user list as a CSV file
Refresh — Reload the user table

You can filter the table using:

Module Filter — Show only users who have access to a specific application (Publisher, Reviewer, Admin)
Tenant Filter — Available to Super Admins only; filter users by tenant

Adding a New User #

Click the Add button in the toolbar to open the Add User dialog. DnXT supports three user types, each with different fields:

Local User #

A local user account is created and managed entirely within DnXT.

Select Local as the user type.
Enter the Username (must be unique across the system).
Enter the user’s First Name and Last Name.
Enter the user’s Email Address.
Select a Role from the dropdown (e.g., Administrator, Viewer, or a custom role).
Check the module checkboxes to grant access to Publisher, Reviewer, and/or Admin.
Click Save.

LDAP User #

An LDAP user is authenticated against your organization’s LDAP/Active Directory server.

Select LDAP as the user type.
Enter the Username.
Enter the Distinguished Name (DN) from your LDAP directory.
Enter the Domain name.
Select a Role from the dropdown.
Check the module checkboxes for application access.
Click Save.

Tip: LDAP users authenticate with their directory credentials. You do not need to set a password in DnXT — the LDAP server handles authentication. Ensure your LDAP connection is configured in Configurations > SSO Configuration before adding LDAP users.

SSO User #

An SSO (Single Sign-On) user is authenticated through a federated identity provider (e.g., Azure AD, Okta, SAML).

Select SSO as the user type.
Enter the Username.
Enter the user’s First Name and Last Name.
Enter the user’s Email Address.
Enter the Federated ID (the user’s unique identifier from the identity provider).
Select a Role from the dropdown.
Check the module checkboxes for application access.
Click Save.

Important: The Federated ID must exactly match the claim value sent by your identity provider during SSO authentication. Mismatches will prevent the user from logging in via SSO.

User Details Panel #

Click any username in the table to open the User Details panel on the right side. The panel displays the user’s avatar at the top and a status pill indicating their current state:

Status	Description
Active	The user can log in and use the system
Invited	An invitation has been sent but the user has not yet completed setup
Inactive	The user account is temporarily disabled; they cannot log in
Offboarded	The user has been permanently removed from active use

The detail panel is organized into collapsible accordion sections:

Basic Info #

View and edit the user’s first name, last name, email address, username, and user type. Changes are saved with the Save button.

Role and Access #

View the user’s assigned role and module access checkboxes. Change the role by selecting a new value from the Role dropdown. Toggle module access by checking or unchecking the Publisher, Reviewer, and Admin checkboxes.

Compliance #

Manage compliance-related settings for regulated environments:

Training Tier — Assign the user’s training level for compliance tracking
E-Signature — Configure e-signature settings for the user (required for 21 CFR Part 11 compliance)

Security #

View and manage the user’s security information:

Last Login — Date and time of the user’s most recent login
Login Count — Total number of times the user has logged in
Two-Factor Authentication (2FA) — Enable or disable 2FA for this user
Reset Password — Send a password reset link to the user’s email
Force Logout — Immediately terminate the user’s active session

User Roles Tab #

The User Roles tab lets you define roles and their associated permissions. Each role specifies what actions a user with that role can perform within each DnXT module.

Roles Table #

The roles table lists all defined roles with toolbar actions:

Add — Create a new role
Delete — Remove selected role(s)
Refresh — Reload the roles table

Creating a New Role #

Click the Add button.
Enter a Role Name (e.g., “Regulatory Specialist”, “Document Manager”).
Provide an optional Description.
Click Save.
The new role appears in the table. Select it to configure its permissions.

Configuring Role Permissions #

Select a role from the table to open its detail panel. The detail panel shows a list of per-module permissions. For each DnXT module (Publisher, Reviewer, Admin), you can toggle individual feature permissions on or off.

Tip: For more granular permission configuration, use the Permission Management module, which provides a hierarchical tree view of all permissions organized by module and feature.

User Groups Tab #

The User Groups tab lets you organize users into groups. Groups simplify permission management — instead of assigning permissions to individual users, you assign them to a group and then add users to that group.

Groups Table #

The groups table lists all defined groups with toolbar actions:

Add — Create a new group
Delete — Remove selected group(s)
Refresh — Reload the groups table

Creating a New Group #

Click the Add button.
Enter a Group Name (e.g., “US Regulatory Team”, “EU Reviewers”).
Provide an optional Description.
Click Save.

Group Detail Panel #

Select a group from the table to open its detail panel, which includes:

Per-Module Permissions #

Configure which features of each module are accessible to members of this group. Permissions defined at the group level are combined with role-level permissions — a user must have permission from both their role and their group to access a feature.

User Assignment #

Add or remove users from the group. The user assignment section shows two lists:

Available Users — Users not currently in the group
Group Members — Users assigned to the group

Use the arrow buttons between the lists to move users between them.

Reviewer Dossier-Level Access #

For Reviewer-specific groups, you can configure dossier-level access to control which dossiers the group members can see and review. This provides fine-grained access control at the dossier, submission, and CTD module level.

Warning: Deleting a group does not delete the users within it, but those users will lose any permissions that were granted through the group. Review the group’s member list before deletion to ensure users will retain appropriate access through their roles or other groups.

Common Tasks #

Deactivating a User #

Navigate to User Management > Users.
Click the user’s name to open their detail panel.
In the Basic Info section, change the Status dropdown to Inactive.
Click Save.

The user will no longer be able to log in. Their data and audit history are preserved.

Resetting a User’s Password #

Open the user’s detail panel.
Expand the Security accordion section.
Click Reset Password.
A password reset link is sent to the user’s registered email address.

Enabling Two-Factor Authentication #

Open the user’s detail panel.
Expand the Security accordion section.
Toggle Two-Factor Authentication (2FA) to enabled.
Click Save.

The user will be prompted to set up 2FA on their next login.

Exporting the User List #

Navigate to User Management > Users.
Optionally apply filters (Module or Tenant) to narrow the export scope.
Click the Export button in the toolbar.
A CSV file downloads containing the filtered user list.

FAQ #

What is the difference between deactivating and offboarding a user? #

Inactive is a temporary status — the user cannot log in but their account is fully intact and can be reactivated at any time. Offboarded is a permanent status indicating the user has left the organization. Offboarded accounts are retained for audit trail purposes but cannot be reactivated.

Can a user have multiple roles? #

Each user is assigned one primary role. However, group memberships can layer additional permissions on top of the role. If you need a user to have capabilities from two roles, create a custom role that combines the needed permissions, or use groups to supplement the base role.

How do I bulk-import users from LDAP? #

DnXT does not currently support bulk LDAP import through the UI. To add multiple LDAP users, create each one individually using the Add User dialog with the LDAP user type. Ensure your LDAP connection is configured in Configurations > SSO Configuration first.

What happens to a user’s data when they are deleted? #

Deleting a user removes their account from the active system. However, all actions performed by the user are retained in the Audit Trail with their username. Document ownership and workflow history remain intact.