User account settings

The settings on the Usernames page control the employee access to the system. In a multi-tenant enabled environment, you can also select an option that allows the Service Provider Administrator to impersonate (or work on behalf of) a particular user.

Setting	Description
Username	The name that the employee uses to access the system. The name must be unique across the enterprise. To ensure uniqueness, the employee email address is often used as the user name. When WFO is set up to use a third-party Identity Provider (IDP), the WFO user name must be identical to the user name registered in the IDP system.
DB Authentication	This setting is only displayed on systems that are set up for SAML authentication. When selected, turns on database authentication as an alternative authentication mechanism for employees already set up to be authenticated through SAML.
Password	The account password. The password is only used when the user authentication method is database authentication. It is not used for LDAP or SAML authentication.
Account Status	Affects the employee access to the system: Active: Activates the employee. Once assigned a role, the employee can sign in with the assigned user name and password. Force Password Reset: Forces the user to change the password the next time they sign in. The new password must comply with the active password policy. Not available for LDAP/SAML users. Force Password Reset with ID: Forces the user to change the password the next time they sign in, but they must identify themselves before the password can be reset. The new password must comply with the active password policy. Not available for LDAP/SAML users. Locked by Admin: An administrator has locked the account; an administrator must unlock it. Locked by Failed Login: The account has been locked because of failed attempts to sign in. Depending on configuration, the account becomes available after a defined period has passed. An administrator can also unlock it. Locked by Inactivity: The account has been locked due to inactivity; it can only be unlocked by an administrator.
Enable Impersonation	This option is only available in a multi-tenant enabled environment. A Tenant Administrator selects this option to allow a Service Provider Administrator (SPA) to impersonate a particular user. When this option is selected for a tenant user, the SPA has the option to select that user immediately after the SPA logs in. After the SPA selects the user, the SPA will see the application exactly as the user sees it (as if they have the same scope, permissions, privileges, and licensing as the tenant user). This feature is useful in troubleshooting scenarios. If a particular tenant user is experiencing a problem, the SPA can investigate the problem by impersonating the user. While impersonating the user, the SPA will see the same problem in the user interface that the tenant user is seeing. A SPA could also impersonate a Tenant Administrator to configure a feature that the Tenant Administrator is having trouble configuring, or to conduct training Semantic Intelligence (Si) process in Speech Analytics in which the system implements machine learning-based methods to extract and surface ontology-related items found in a sampling of transcribed interactions. for a tenant user. If the SPA makes a configuration change while impersonating a user (including a User Preferences change), the configuration change goes into effect and persists after the SPA exits impersonation mode. The SPA can impersonate a user while that user is online, so that both the SPA and the user are active in the application at the same time.