Skip to main content
Version: 2.0.0

How to Use

This guide covers day-to-day operational tasks in IWA across User Management, Role Management, Group Management, and Provisioning.

User Management

Create a User

Add User (Detailed)

  1. Navigate to User Management.
  2. Click Add User.
  3. Fill in all required fields: User ID, First Name, Last Name, Email ID, User Type, and any additional profile details.
  4. Click Save (Draft) or Submit (Activate immediately).

Quick Add User (Bulk)

  1. Click Quick Add User.
  2. Enter the minimal required details: User ID, First Name, Last Name, Name, Email ID, and User Type.
  3. Add multiple rows for bulk creation, then submit.

Import Users

  1. Download the pre-defined import template (CSV or XLS).
  2. Populate the template with user data.
  3. Click Import Users and upload the completed file.

Add User from External Source

  1. Click Add User from Source.
  2. Select the source: SAP BTP CIS, SAP BTP Account, or Azure Active Directory.
  3. Search for and select the users to onboard.
  4. Confirm the import.

Activate or Deactivate a User

  1. Locate the user in the User Management table.
  2. Open the Actions menu for that user.
  3. Select:
    • Activate — to activate a user in Draft status.
    • Deactivate — to revoke access from an Active user while retaining their data.

Lock or Unlock a User

  1. Locate the user in the User Management table.
  2. Open the Actions menu.
  3. Select:
    • Lock User — to prevent system access immediately.
    • Unlock User — to restore system access once the issue is resolved.

Assign a Role to a User

  1. Open the Actions menu for the target user and select View Details or Edit.
  2. Navigate to the Roles section in the User Details view.
  3. Click Add Role.
  4. Select the Application and then the Role from the dropdowns.
  5. Save the changes.

Set Up a Substitution

  1. Open the Actions menu for the user who will be absent.
  2. Select Substitute.
  3. Choose the substitute user and define the substitution period.
  4. Optionally configure a Vacation period to trigger substitution automatically.
  5. Save the substitution.

Manage Data-Level Access for a User

  1. Open the user's details via the Actions menu.
  2. Navigate to Data Level Access & Roles.
  3. Click Add or Edit on the desired rule.
  4. Configure role-based or user-specific data restrictions.
  5. Save the configuration.

View User Logs

  • Provision Log — navigate to the user's detail view and open the Provision Log tab to see all role assignment/removal history.
  • Audit Log — open the Audit Log tab to see all profile updates, role changes, and login history.
  • Activity Log — view operational activity performed by and on the user.

Role Management

Create a Role

  1. Navigate to Role Management and click Create Role.
  2. Fill in the mandatory fields: Application Name, Role Name, Role Description, Role Type, Role Segment, and Role Category.
  3. Configure module and feature access by toggling individual modules/features on or off.
  4. Optionally configure:
    • Data-Level Access (Disabled / Simple / Advanced).
    • Source Group mapping.
    • Role Collection mapping.
    • User Reconfirmation settings.
  5. Click Save (Draft) or Submit (Active).

Create a Role with Reference

  1. On the Role Summary screen, open the Actions menu on an existing role.
  2. Select Create Role With Reference.
  3. Review the pre-filled configuration (role segment, type, category, modules, features, DLA settings).
  4. Modify any fields as needed.
  5. Click Save or Submit.

Sync a Role

  1. On the Role Summary screen, open the Actions menu for the target role.
  2. Select Sync Role to manually trigger synchronization with the mapped source groups.

Assign Users to a Role

  1. Open a role in edit mode.
  2. Scroll to the Associated Users section.
  3. Click Add User and select the users to assign.
  4. Save the role.

Group Management

Create a Group

  1. Navigate to Group Management and click Add Group.
  2. Fill in: Group Name, Group Description, Associated Application, and Associated Role(s).
  3. Click Save (Draft) or Submit (Active).

Add Members to a Group

  1. Open the group via View Details or Edit from the Actions menu.
  2. In the Group Members section, click Add Users.
  3. Search for and select users to add.
  4. Optionally configure Data-Level Access for each new member.
  5. Save the changes.

Deactivate or Delete a Group

  • Deactivate: Open Actions → De-Activate. The group remains visible but cannot be assigned.
  • Delete: Open Actions → Delete (only available for Draft groups or groups with no dependencies).

Provisioning

Provision a Role to a User

  1. Navigate to Provision and click on the target application.
  2. Select Manage Role → Provision Role.
  3. Select the User and then choose the Role from the dropdown.
  4. If the role has mapped groups, they are displayed automatically.
  5. Click Preview to review all details.
  6. Click Submit to complete provisioning.

Bulk Provisioning

  • Use Add User to assign the same role to multiple users at once.
  • Use Bulk Request to upload an Excel file for mass provisioning.

Revoke a Role from a User

  1. Navigate to Provision and select the application.
  2. Select Manage Role → Revoke Role.
  3. Select the User and the Role to revoke.
  4. Review data-level access details if prompted.
  5. Click Submit to revoke the role immediately.

Filter and Search Provisioned Users

In the application's Users section:

  1. Use the Filters panel to filter by Provisioned Status, Provisioned By, Provisioned On, or Roles.
  2. Click Apply Filters to refresh the list.
  3. Click Reset to clear all filters and reload the full list.

View Provision Logs

  1. Navigate to the application dashboard and select the Roles section.
  2. Click on a role, then open the Provision Log tab.
  3. Review entries showing Request No, Associated Users, Initiated By, Initiated On, Provision Type, Provision By, and Request Status.