Manage Users
Administrators can manage Zuora user accounts in your tenant. This article explains how to create and edit user accounts and reset passwords. This article also explains how to activate and deactivate users. An inactive user cannot access your Zuora tenant.
For the specific steps to create an API role, an API user, and an OAuth Client for an API user, see Create an API User.
View Users
To view the users currently configured for your tenant:
- From the Profile & Settings menu, select Administration > Manage Users. The All Users page opens.
- Click a username to view and edit information about the user, and view the user's login history.
- Click Reset Password to reset the password for users who do not use SSO login.
You can deactivate the user. Inactive means this user cannot access your Zuora tenant anymore.
Add Users
To create a user account for your tenant:
- Click your username at the top right, and navigate to Administration > Manage Users.
- Click add single user.
You can select a Zuora Platform Role and other roles for the user. You define and manage user roles on the Manage User Roles settings page.
The Locale field controls date formatting for that user. By default, the locale is English (United States).
See Personal Settings for more information about the fields that you can set when creating a user.
Assign a Role to a User
You can assign roles to users, including custom roles that you have created.
To assign a role to a user:
- Click your username at the top right, and navigate to Administration > Manage Users.
- Click the user's First Name, Last Name, or User Name. Zuora displays the user's Basic Information.
- Click edit.
- Select the roles that you want to assign to the user.
- Click save.
Create an OAuth Client for a User
Zuora recommends that you use OAuth to authenticate to the Zuora REST API. To authenticate using OAuth, you must first create an OAuth client for a user.
To create an OAuth client for a user:
-
Click your username at the top right and navigate to Administration > Manage Users.
The Users page opens.
-
Locate the user in the table, then check that the user's status is Active.
If the user's status is not Active, you must either activate the user or choose a different user.
-
Click the user's First Name, Last Name, or User Name.
For the OAuth client to be permitted to write data using the REST API, the user must have a Platform role that includes the “API Write Access” permission.
-
In the New OAuth Clients section, enter a name for the OAuth client.
-
If you have the Multi-entity feature enabled, select which entities the OAuth client will be permitted to access.
-
Click create.
Zuora displays the Client ID and Client Secret for the OAuth client. This is the only time you can see the Client Secret. You will need the Client ID and Client Secret to generate OAuth tokens.
-
Click OK.
After creating the client, you must generate an OAuth token from the Client ID and Client Secret. See Authentication in the API Reference for more information.
Reset All User Passwords
To reset passwords for all users in your tenant:
- Click your username at the top right, and navigate to Administration > Manage Users.
- Click reset all users' passwords. You will be prompted to confirm the action.
Zuora will send a new password notification to all of your users.
Export User Data to a CSV File
You can export the following user data to a .csv file:
- User ID
- User Name
- First Name
- Last Name
- Status
- Work Email
- Created On
- Zuora Billing Role
- Zuora Payments Role
- Zuora Commerce Role
- Zuora Platform Role
- Zuora Finance Role
- Zuora Reporting Role
- Zuora Insights Role
- Last Login
To export user data:
- Click your username at the top right, and navigate to Administration > Manage Users.
- Click Export User List. The Exports page appears with the All Users List CSV pre-selected for export.
- Click Export. When the export is complete, the CSV file is available for download.
- From the table, click the file name All Users List CSV to download the CSV file.
If Export User List is unavailable, ask your Zuora administrator to assign you a Reporting role that has the Enable Exports permission. For more information, see Data exports.
Use the Last Login Date to Manage User Accounts
The table of users on the All Users page includes a Last Login Attempt column, which gives you better visibility into user activity in your Zuora tenant.
Zuora recommends performing a regular review of all user accounts in your Zuora tenant. Deactivate user accounts that no longer need access to your tenant. Administrators of Zuora can use this page to review all user accounts that have been provisioned. Rows having a Status of Active represent users who currently have access to your tenant.
From this page, you can identify and deactivate any user accounts that are no longer needed. Use the Last Login Attempt column to this page. In general, users who have not logged into your Zuora tenant for a long time often represent good candidates for deactivation. You should also deactivate users who have left your company, or who have transitioned to other roles and no longer need to access your Zuora tenant.
Deactivate Users
Zuora recommends that you deactivate any user that is no longer associated with your organization, or any user that no longer needs to access your tenant. You will not lose historical information by deactivating a user account.
Zuora recommends that you explicitly cancel all the scheduled jobs initiated by the user that you are deactivating and recreate these jobs. Otherwise, Zuora transfers all the scheduled jobs initiated by the deactivated user to the earliest active user in the tenant. However, this active user might not have the required permissions, and the scheduled jobs might fail.
To deactivate a user:
- Click your username at the top right, and navigate to Administration > Manage Users.
- Click the user's First Name, Last Name, or User Name. Zuora displays the user's Basic Information.
- Click Deactivate User.
- When prompted, click Yes to confirm.
If you accidentally deactivate the user, or need to restore the user at a later time, you can revisit this page and click the Reactivate User button.