Users

On the Users page in Security, organization admins, solution admins, and users with required permissions can manage the users and admins associated with their organization. Users are individuals with Blackbaud IDs who can access features and tasks in a Blackbaud solution. Admins are users with permissions to perform admin tasks.

The Users page lists all of the organization's active and inactive users and admins with Blackbaud IDs, not just users and admins for a particular Blackbaud solution. It displays each user's admin rights and the solutions that they can access. For information about how to add users or admins, see Add user. And for details about admin types, see Admins Tasks.

To add users, admins assign roles to the feature areas in Blackbaud solutions that users need to access, plus any admin rights, and then send email invitations. Users and admins can then use their new Blackbaud IDs to access feature areas and tasks based on their assigned roles, and they can also access their user profile and other resources. To learn about feature areas, roles, and how a user's level of access is determined, see Role-based Security Overview.

  1. On the Users page, select Add user.

  2. Enter personal details for the user's Blackbaud ID profile.

    • Enter a first and last name to identify the user.

    • Enter an email address to receive the Blackbaud ID invitation.

    • Enter a job title to describe the user's role with your organization.

  3. To limit user access to a specific time frame, select an end date for the user in the Access expiration date field. For example, you can set an expiration date to provide temporary access to a seasonal worker or volunteer. After the expiration date, the user is automatically marked inactive and loses access to the Blackbaud features that you manage here under Security and also to your organization's Blackbaud services, such as Support and Training.

    Tip: The expiration date doesn't affect access to Blackbaud solutions that you don't manage under Security. If an admin gives the user access to a solution that is managed somewhere else, the user retains access to that solution until an admin manually removes it.

  4. Under Security, assign roles for the feature areas that the user needs to access.

    1. In the solution list on the left side of the section, select the Blackbaud solution. Feature areas for that solution then appear on the right side of the section.

    2. For each feature area that the user needs to access, select the role that provides the correct level of access. Review the description to make sure you select the correct role. You can only assign one role per feature area.

    3. If the user requires access to multiple solutions, select the other solutions and assign roles for feature areas as necessary.

  5. Also under Security, assign any admin rights that the user requires. For information about admin types, see Admins Tasks.

    • To designate an organization admin with full rights to manage all organizational admin tasks, select Make organization admin.

    • To designate a solution admin with rights to manage a specific Blackbaud solution, select that solution on the left side of the section and then select Make solution admin.

    • To enable regular users to manage organizational admin tasks, select Blackbaud account management on the left side of the section and then select the necessary security roles. Or to grant solution-specific admin rights to manage users and roles, select the solution on the left side of the section and then select the appropriate security role under User management.

  6. To send the email invitation, select Send invite. It can take several minutes to process before users can use their new Blackbaud IDs to begin working.

    Tip: If a user can't find the invitation, direct them to the confirmation page or the Blackbaud sign-in page to access Blackbaud solutions. To make sure your organization's email server doesn't block email delivery, confirm that your email server, proxy server, and firewall allow email from @blackbaud.com, @blackbaudondemand.com, and @blackbaudemail.netcommunity1.com and that your email servers or network appliance allow the Internet Protocol (IP) range 205.139.104.0/22 (205.139.1 - 205.139.107.254).

To adjust a user's level of access in Blackbaud solutions, admins can add, edit, or delete the roles that control access to feature areas. Admins can also adjust admin rights for the user as necessary. If admins need to entirely remove a user's access to a Blackbaud solution, they can Remove solution access instead of adjusting individual roles.

Tip: Admins can't edit the name or email address for users who authenticate through Blackbaud's secure authentication service. Users enter their names and email addresses when they create Blackbaud IDs, and only they can change those values on their Blackbaud ID profiles. However, if your organization uses single sign-on (SSO) to authenticate Blackbaud IDs, your network administrator can manage user names and email addresses through your identity provider.

  1. On the Users page, find the user in the list and select Manage roles from their menu.

  2. To place an end date on the user's access, select a date in the Access expiration date field. For example, you can set an expiration date on a user who is leaving your organization. After the expiration date, the user is automatically marked inactive and loses access to the Blackbaud features that you manage here under Security and also to your organization's Blackbaud services, such as Support and Training.

    Tip: The expiration date doesn't affect access to Blackbaud solutions that you don't manage under Security. If an admin gave the user access to a solution that is managed somewhere else, the user retains access to that solution until an admin manually removes it.

  3. Under Security, add or remove roles for feature areas as necessary.

    1. In the solution list on the left side of the section, select the Blackbaud solution. Feature areas for that solution then appear on the right side of the section.

    2. Edit roles as necessary to provide the correct level of access. You can only assign one role per feature area

      • To provide access to a feature area that the user can't currently access, add a role. Review the description to make sure you select the correct role.

      • To change the current level of access to a feature area, change the existing role.

      • To remove access to a feature area, remove the existing role.

    3. To adjust roles for additional solutions or give the user access to a solution for the first time, select the solutions on the left and add or edit roles for feature areas as necessary.

  4. To add, edit, or delete admin rights, select the desired action under Security. For information about admin types and how to assign them, see Admins Tasks.

  5. Select Save. The user's access to feature areas and solutions is updated within several minutes without receiving another invitation.

To delete a user's association with an organization, admins can delete the user record. This completely removes access to the organization's Blackbaud solutions, including any admin rights. Only the user's audit history remains, and you can't make the user active again. If you only need to make the user inactive or remove access to Blackbaud solutions, see Make a user inactive or Remove solution access instead.

  1. On the Users page, find the user in the list and select Delete user from their menu.

  2. On the confirmation screen, select Delete.

To maintain a history of users for your organization, make users inactive instead of deleting them. On the Users page, find the user and select Make inactive from their menu. When you make users inactive:

  • They can't access your organization's Blackbaud services, such as Support and Training.

  • They can't access the Blackbaud solutions and features that you manage on the Users page in Security.

    If users were assigned access to a Blackbaud solution that isn't managed on the Users page, an admin still needs to manually remove the user's access for that solution.

  • They still appear in search results and lists.

  • They are no longer linked to their user or have access to the database view. If you make them active again, you must re-link their users. For more information, see Database View Security Groups.

You can't make users inactive for just one Blackbaud solution. To remove access to a particular solution, see Remove solution access.

If you make them active again, previous roles are restored automatically to provide access to feature areas.

Note: By default, only organization admins can make users inactive if your organization uses multiple Blackbaud solutions. Solution admins can only make users inactive if they are assigned the required permission.

To make a user active, find the user on the Users page and select Make active from their menu. For example, you can do this when a user returns to your organization after a period of time.

Note: By default, only organization admins can make users active if your organization uses multiple Blackbaud solutions. Solution admins can only make users inactive if they are assigned the required permission.

When you make a user active, previous roles are restored automatically to provide access to feature areas. However, you must edit the user and link them to their record in the database view again. For more information, see Database View Security Groups.

To help you ensure that the restored roles still provide the correct level of access, the Manage roles screen appears after you make a user active.

To add a new user by copying an existing user’s access, select Create new user with same access from their menu. Enter the new user's name and email address. To modify the user's access before you save, change the selected feature areas and roles for the applicable Blackbaud solutions.

Note: If your organization uses multiple Blackbaud solutions, it's possible a new user will not receive the same access as an existing user when you copy. For example, if you copy access for a user who has rights to solutions that you do not have access to, the new user won't have access either. The access only copies from the existing user for the solution you both use.

To prevent a user from accessing a Blackbaud solution that you manage on the Users page in Security, admins can remove access to the entire solution. This denies the user access to all feature areas in the solution and also removes all roles and any admin rights. If you only want to remove access to some feature areas, see Edit user roles instead.

  1. On the Users page, find the user in the list and select Remove solution access from their menu.

  2. In the list, select all solutions where you want to completely remove access.

  3. Select Select. The user's access is updated within several minutes.

To view action history for users, see User and Role Audit History.

You can manage user lists to perform functions such as create a new list, export or share an existing list, or filter on specific criteria. See User Lists for additional information.