Contacts - Login

The Contacts Login menu in Paradigm will let you assign different access levels to a contact in your business or institution, depending on how you want that user to use or access the different areas of the system. This knowledge article will describe all the access levels possible in Paradigm, as well as the workflows on how you can assign a contact’s login credentials, update, edit, and disable logins.

Complexity: MEDIUM

Navigation

Workflow

Assumptions

You have the minimum required level to access the Contacts menu;
You have the permission / authority of the Institution to grant access to users / to use Paradigm;
You understand that Contacts / Users are staff or associates of the institution not students;
You have sufficient information to know what security group to assign for new users; and
The Institution has already validated that each security group has access to what it requires and nothing more.

Key Terms and Concepts

BE ADVISED: A user may only be assigned to a single (1) security group.

WARNING: A user may only assign a security group that is equal to or less than the one they currently hold. This is to avoid the potential for privilege escalation in user account access.

The table below outlines the security groups that may be assigned to a user via the Paradigm user interface. The permissions are ordered based on scope of access from least to greatest.

	Security Level	Description
1	Public	What a user may see without logging into Paradigm. Mostly used for login screens and the online application portal.
2	Applicant	A prospective student who is interacting with Paradigm via the application portal.
3	Student	A student user with mostly read-only access but has the ability to update their address details, register for units, generate a limited set of letter reports , and view other records made available to them by the Institution.
4	Reception	The lowest security group with almost exclusively read-only access to a limited set of student related information.
5	Tutor	An appropriate level of access for a part time or casual teaching staff who needs to look up student details, enter attendance, record assessment marks, or make notes against a student.
6	Staff	NOTE: Default security group assigned by the system to newly created Contact logins. A general level of access with a moderate degree of edit access to student related information and records.
7	Student Services	Intended for users who require the functionality of a staff member together with the ability to record, e.g. advisor / examiner / reviewer
8	Student Admin	An alternative profile based on the flex admin security group.
9	Flex Admin (also known as part time registrar)	Similar scope of access as Full Admin but lacking access to the System and Accounting menus, and the ability to edit published grades or bulk generate invoices.
10	Accounting	An appropriate role for an accounts receivable role that is focused on maintaining financial records including invoices and payments within Paradigm.
11	Marketing	This security group has a wide scope of access including student records, agents, invoices and payment related records.
12	Full Admin	The standard security group given to power users with the ability to view, edit, and the one who has full control to almost everything within the system.
13	HR Admin	BE ADVISED: Not normally used. Intended for institutions who want to record sensitive HR related information within Paradigm for the purposes of staff reporting.
14	System Admin	BE ADVISED: Not normally used. Intended for institutions who require a higher form of Full Admin with full system permissions in order to limit the typical scope of Full Admin access.

back to top

BE ADVISED

A user may only be assigned to a single (1) security group.

WARNING

A user may only assign a security group that is equal to or less than the one they currently hold. This is to avoid the potential for privilege escalation in user account access.

NOTE

Different security levels will be granted to a user – to have different levels of access to the system. A suitable level needs to be granted to a user to give sufficient access.

This may be read-only e.g. Student Level or Reception Level Access;

Editing rights e.g. Staff Level Access;

Administration level e.g. Flex Admin or Full Access e.g. Full Admin; and

Some access levels will restrict some sections of the system that can be viewed e.g. Accounting or Human Resources.

1. How to Create a User / Contact Login Credentials

NOTE: If the contact record is already loaded, proceed to the STEP 2 instructions, else start with STEP 1.

STEP 1 Load the Contact’s Record

1, 2 Choose Contacts > Search menus on the side.

3 Enter at least one of the following options into the relevant search box: Given Name, Surname, Home Institution, Status, Contact Role.

4 Click the SEARCH CONTACT button.

5 After clicking the SEARCH CONTACT button, it will return a list of contacts that meet your searched criteria. To filter the list of contacts, in the 🔍Filter box above the list of contacts, start typing the contact’s First or Given name.

6 When you see the record of the contact that you are looking for, click the contact’s role, highlighted in blue in the left column under the Role Id heading. This will load the contact’s edit details page.

STEP 2 Create a User or Contact’s Login Credentials

1, 2 With the contact’s record loaded in the system, go to Contacts > Login menus on the side.

3 With the contact’s record loaded in the system, go to Contacts > Login menus on the side. This will load the login page, go to the CREATE NEW USER LOGIN Form section. The new contacts user name will be automatically generated in the User Login Id field based on the details added to the contact record.

4 Enter a new password for the user. The password policy requires all of the parameters below and the save button will not appear until all requirements have been met.

A minimum of 8 Characters
A combination of upper and lowercase letters
At least 1 number

5 Click the SAVE USER LOGIN button.

STEP 3 Add or Assign a Security Group to the Contact’s Record and Enable the Contact’s Login

Refer to the instructions on this link: https://silverband.atlassian.net/wiki/spaces/PKB/pages/985085/Contacts+-+Search+Add+and+Edit#3.2-Add-or-Assign-a-Security-Group-to-the-Contact-Record.

back to top

2. How to Update a User / Contact Password

NOTE: If the contact record is already loaded, proceed to the STEP 2 instructions, else start with STEP 1.

STEP 1 Load the Contact’s Record

1, 2 Choose Contacts > Search menus on the side.

3 Enter at least one of the following options into the relevant search box: Given Name, Surname, Home Institution, Status, Contact Role.

4 Click the SEARCH CONTACT button.

5 After clicking the SEARCH CONTACT button, it will return a list of contacts that meet your searched criteria. To filter the list of contacts, in the 🔍Filter box above the list of contacts, start typing the contact’s First or Given name.

6 When you see the record of the contact that you are looking for, click the contact’s role, highlighted in blue in the left column under the Role Id heading. This will load the contact’s edit details page.

STEP 2 Update the Contact’s Password

Follow steps 2-4 of the instructions of this link: https://silverband.atlassian.net/wiki/spaces/PKB/pages/985085/Contacts+-+Search+Add+and+Edit#04.-How-to-add-or-reset-a-User-Password.

back to top

3. How to Edit the Reset User Login Password Email Template

The password reset template is largely composed of two label text fields:

reset_user_login_password_emailHtmlHeader
reset_user_login_password_emailHtmlFooter

Here is the direct links for your information:

https://{host}.edu.net.au/label_edit.php?labelId=reset_user_login_password_emailHtmlHeader

https://{host}.edu.net.au/label_edit.php?labelId=reset_user_login_password_emailHtmlFooter

For users who can read HTML, the email template code looks like the following:

<html><body>Dear {student_firstName}{contact_firstName},<br><br>{label:get_tpl_label_text_long reset_user_login_password_emailHtmlHeader} <b>Username:</b>{optional:show_form_field reset_user_login_password_email_userLoginId} {user_login_userLoginId} <b>or:</b> {/optional} {user_login_email} <br> <b>Password:</b> {user_login_newPassword}<br>{label:get_tpl_label_text_long reset_user_login_password_emailHtmlFooter}</body></html>

back to top

4. How to disable a User Contact Login and User Record

Click on Contact tab in the side menu.
Click on Search in the side menu.
Enter at least one of the following options in to the relevant search box:
- Given Name
- Surname
- Home Institution
- Status
- Contact Role
Click on the Search Contact button
This will return a list of contacts that meet the searched criteria
To filter the list of contacts, in the search box above the list of contacts, start typing the contact’s first or given name.
When you see the record for the contact you are looking for, click on the contact role for that contact, highlighted in blue in the left column of that row.
Click on the Login option in the side menu
Click the Disable User Login button. Check the Enabled option is set to N which is short for No
Click the Remove Security button
Click the Contacts tab in the side menu
Click the Edit Details option in the side menu
Scroll down to the Other details section
Click on the Status drop box and set the status to Archived or inactive
Click the Save Contact button.