Users

a user is any individual who needs access to some part of the stratosphere system users can range from system admins, with access to all roles and locations, to users who are assigned a pass to access secure device at one location and cannot access the website stratosphere was designed so that users would need to be granted the ability to see or edit only the data they need to do their job, and no more this helps keep your data safe and your processes compliant with any privacy or regulatory requirements, such as fda 21 cfr part 11 viewing users viewing users requires the "user management" role to be granted in your user record contact your system administrator to add this capability without this role, the users screen will not appear in your menu users are viewed and managed on the users page available from the main menu to view a user's details, click the name of the user the user details page displays the following information first name the first name of the user last name the last name of the user email a valid email address for the user email functions as the username when logging into stratosphere and will also be used to send important system generated emails docid\ zinengg7ldducx8txlomk , such as how to reset your password time zone the local time zone that dates and times should be displayed as to the user this setting will automatically match a user's browser by toggling on "browser specified time zone", or a time zone can be manually selected this setting is configurable by users in their my user profile docid\ rjbnton2iiibyjpzlrxnv phone number the phone number the user can be contacted at currently stratosphere will not send users any texts, but configurable text alerts may become available in the future roles roles grant permissions to the user to take certain actions in the stratosphere website website access without this role, the user will not be able to login to the stratosphere website, regardless of which other roles or locations they may have once a user is granted this role, they will be sent a welcome email prompting them to set their password and login to stratosphere for the first time if this role is removed, they will receive an email informing them that their access has been revoked users with this role will be able to view the following dashboard with the following info total inventory transactions in the last 7 days items expiring in the next 30 days removed items needing disposition this only appears if item disposition docid\ cktuo6qi7r6beytf61qm is enabled for the organization item exceptions this only appears if item disposition docid\ cktuo6qi7r6beytf61qm is enabled for the organization inventory at location more than # of days this only appears if slow moving inventory docid\ j3iltpr4zh6wbpxcofvem is enabled for the organization product par levels this only appears if par levels docid\ uxwsjsf3ypur gs0fxwco is enabled for the organization kanban restock this only appears if kanban inventory management docid\ psukbrphk3mq53lotqyn3 is enabled for the organization locations docid\ ukp9gblmil1l6hx1o4ccr page, with only the user's assigned locations visible devices docid\ qqxodeizfkrysphlfngau page, with only the devices belonging to the user's assigned locations visible aliases docid\ tzy7qp iafrkyvlgjjluj page, with only the aliases belonging to the user's assigned locations visible this only appears if aliases docid\ tzy7qp iafrkyvlgjjluj is enabled for the organization package integrity docid\ g9kdsj94g3pkl8dfwoqqq page, with only package integrity documentation at user's assigned locations visible this only appears if package integrity docid\ g9kdsj94g3pkl8dfwoqqq is enabled for the organization case management docid 5jngxamgdsuwf noru9d page, with the ability to create, edit, delete, and submit cases for the user's assigned locations this only appears if case management docid 5jngxamgdsuwf noru9d is enabled for the organization the following reports docid 69h9muymh5tc3nwucxnde detailed inventory report expiring items report inventory exceptions (if item disposition docid\ cktuo6qi7r6beytf61qm feature is enabled for the organization) inventory summary report kanban inventory report (if the kanban inventory management docid\ psukbrphk3mq53lotqyn3 feature is enabled for the organization) kanban restock report (if the kanban inventory management docid\ psukbrphk3mq53lotqyn3 feature is enabled for the organization) par levels report (if the par levels docid\ uxwsjsf3ypur gs0fxwco feature is enabled for the organization) removed items report slow moving inventory report (if the slow moving inventory docid\ j3iltpr4zh6wbpxcofvem feature is enabled for the organization) temperature report transaction report organization management grants access to the organization docid\ jr gzcro05gu6fbf2pgro page, where the organization's name, address, support info, and logo can be edited also grants the ability to add or remove optional features, such as aliases docid\ tzy7qp iafrkyvlgjjluj and package integrity docid\ g9kdsj94g3pkl8dfwoqqq , for the organization this role also grants access to the key management docid\ q0ilp8edhfeexahxbytya page for managing organization keys for use with the stratosphere api docid\ ei prgpsoit91eex3i6 p user management grants access to the users page and all its functions, including viewing, adding, editing, deactivating, and reactivating users device and location management grants full access and control of the accounts docid\ c5tvy8dybjpdbv0vaonzj , devices docid\ qqxodeizfkrysphlfngau , kanban read points docid\ qy nmqmu4abkr9lntf sy , locations docid\ ukp9gblmil1l6hx1o4ccr , par levels docid\ uxwsjsf3ypur gs0fxwco , and aliases docid\ tzy7qp iafrkyvlgjjluj records users with this role can view, add, edit, or delete any device, kanban read point, location, par level, or alias aliases docid\ tzy7qp iafrkyvlgjjluj , kanban inventory management docid\ psukbrphk3mq53lotqyn3 , and par levels docid\ uxwsjsf3ypur gs0fxwco are optional features enabled at the organization level product management grants access to the products docid\ zgmg3kja8xguix6lssiiy catalog page and all its functions, including viewing, adding, editing, or removing rfid products and, if enabled, non rfid product catalog docid\ p5699zs7ay4xtg05unt y this role also grants access to view, add, edit, and delete barcode regexes this role also grants access to view, add, edit, and delete bins for the user's assigned locations for kanban inventory management kanban inventory management docid\ psukbrphk3mq53lotqyn3 is an optional feature enabled at the organization level item management grants access to the items docid\ efi2n49gjycru tk5huqm page and all its functions, including viewing, adding, editing, and deleting rfid tagged items auditing allows total access to the searchable, sortable, downloadable audit log report, which tracks every change to every record in the stratosphere system package integrity management allows access to view all removal transactions that require package integrity documentation users with this role can also edit package integrity documentation will only be an option if package integrity docid\ g9kdsj94g3pkl8dfwoqqq is enabled for your organization case management allows access to save submitted cases as drafts within the user's permitted accounts and locations allows access to view, edit, and submit cases created by other users within the user's permitted accounts and locations allows access to create, modify, and deactivate surgeons and procedures will only be an option if case management docid 5jngxamgdsuwf noru9d is enabled for your organization permitted accounts/locations the list of all accounts and locations the user is permitted to view when logging into stratosphere devices assigned to these accounts and locations, along with all inventory and sensor data, will also be visible in stratosphere a user can physically access devices assigned to these accounts and locations with their pass, regardless of whether they have the website access role pass rfid the rfid value of the pass used to access secure devices passes supplied by terso will always have 10 digit rfid values that can contains both numbers and letters, and the field can support values of 10 40 characters for passes from alternate suppliers secured devices that are assigned to this user's assigned locations will be updated to accept this pass a pass rfid must be unique and can only be assigned to a single user a pass rfid cannot be deactivated for one user and reactivated for another pass name a visual identifier for the pass passes supplied by terso will always have a unique 6 digit code printed on the back of the pass that should be used as the pass name this field is not used by devices to determine access, it is purely for human identification of the pass deactivate pass if the user has an associated pass rfid, a button will be present labelled "deactivate pass" this can be used to revoke the user's pass access to all devices in their permitted accounts and locations = required summary of roles and the permissions they grant default features roles > website access organization management user management device and location management product management item management accounts view, add, edit, delete all locations view assigned 1 1 view, add, edit, delete all devices view assigned 1 1 view, add, edit, delete all users view, add, edit, delete all product catalog view, add, edit, deactivate all barcode regex view, add, edit, delete all items view, add, edit, delete all organization settings & features view, edit premium features roles > website access organization management device and location management product management package integrity management case management kanban read points view assigned 1,2 1,2 view, add, edit, delete all 2 2 aliases view assigned 1,3 1,3 view, add, edit, delete all 3 3 non rfid product catalog view, add, edit, deactivate all 2 2 par levels view, add, edit, delete all 4 4 package integrity view assigned 1,5 1,5 view, add, edit, delete all 5 5 cases view, create, edit, submit, delete assigned 1,6 1,6 view, edit, delete, submit, unsubmit all 6 6 surgeons view, edit, disable all 6 6 procedures view, edit, disable all 6 6 key management view, edit, delete all reports roles > website access device and location management product management item management auditing audit log view all record types detailed inventory view assigned 1 1 view all expiring items view assigned 1 1 view all inventory exceptions view assigned 1,7 1,7 view all 7 7 inventory summary view assigned 1 1 view all kanban inventory summary view assigned 1,2 1,2 view all 2 2 kanban restock view assigned 1,2 1,2 view all 2 2 par levels view assigned 1,4 1,4 view all 4 4 removed items view assigned 1 1 view all slow moving inventory view assigned 1,8 1,8 view all 8 8 temperature view assigned 1 1 view all transaction view assigned 1 1 view all unassociated tags view assigned, hide assigned, associate tags as bins for assigned locations 2 2 view all, hide all, associate tags as items 1 1 "view assigned" means that a user with just the website access role will only be able to view information that directly relates to their assigned locations for example, if a user is assigned to one location, and that location contains two devices, then they will be able to see the records that are tied to that location or its two devices information that relates to non assigned locations and their devices and inventory will be hidden from users who only possess the website access role 2 2 functionality available if the kanban inventory management docid\ psukbrphk3mq53lotqyn3 optional feature is enabled for the organization 3 3 functionality available if the aliases docid\ tzy7qp iafrkyvlgjjluj optional feature is enabled for the organization 4 4 functionality available if the par levels docid\ uxwsjsf3ypur gs0fxwco optional feature is enabled for the organization 5 5 functionality available if the package integrity docid\ g9kdsj94g3pkl8dfwoqqq optional feature is enabled for the organization 6 6 functionality available if the case management docid 5jngxamgdsuwf noru9d optional feature is enabled for the organization 7 7 functionality available if the item disposition docid\ cktuo6qi7r6beytf61qm optional feature is enabled for the organization 8 8 functionality available if the slow moving inventory docid\ j3iltpr4zh6wbpxcofvem optional feature is enabled for the organization adding users adding users requires the "user management" role to be granted in your user record contact your system administrator to add this capability we recommend only adding users who have been trained in using the system and are aware of their responsibilities add users with their legal names and personal work emails, not shared inboxes this increases security and personal responsibility and enhances the value of auditing in the system we also recommend that users are granted as few roles as are necessary to fulfill their job function adding single users to add a single user press "add user" in the top left of the users page enter the user's first name enter the user's last name enter the user's email address the email must be valid and unique click " optional information " to enter additional information about the user note while the user can be saved without this "optional" information, the user will not have access to the website or secured devices until they are also assigned the appropriate roles, locations, and pass see the users docid\ oe8vd 0cdzxszxeukg19h section of this article for more details on each field click save changes to finish adding the user if you assigned the "website access" role, stratosphere will immediately send that user a system generated emails docid\ zinengg7ldducx8txlomk bulk importing users stratosphere supports importing users from a csv file, so that you can create users in bulk there is no way to undo a bulk import, other than to edit or remove users from stratosphere individually when bulk importing, verify the accuracy of the import double check to ensure that the data in the uploaded file is accurate after importing the file, but before saving the imported records, open the "ready to import" section and verify that the columns are mapped appropriately and the data is exactly as you want it select "import users" at the top of the users page "choose file" and select a file containing the users you want to import the file must meet the following requirements csv file format less than 1 mb file size fewer than 500 users to import contain columns titled "first name", "last name", "email", "phone number", "roles", "permitted accounts", "permitted locations", "pass rfid", and "pass name" first name the user's first name this field is required last name the user's last name this field is required email the user's email address this field is required each user's email address must be unique phone number the user's phone number this field is not required roles the stratosphere user roles that should be granted to the user enter a list of roles, separated by semicolon this field is not required for more information on roles, see the users docid\ oe8vd 0cdzxszxeukg19h section of this guide permitted accounts the account numbers to which the user should be granted access enter a list of account numbers, separated by semicolon granting a user access to an account will grant the user access to all locations within that account this field is not required permitted locations the location names to which the user should be granted access enter a list of location names, separated by semicolon this field is not required pass rfid the 10 40 character value of the pass used by the user to access secure devices this field is not required pass name a visual identifier for the user's pass this field is not required once a file is chosen, select "import users" if your list of users is large (hundreds of users), it may take a minute to import before saving the import, validate that the import was completed as expected by reviewing the three lists ready to import these users were successfully read from the file already in system these users were successfully read from the file, but they already exist in stratosphere and will be skipped in the import to avoid duplication errors these users were not successfully read from the file where possible, the reason for the error will be explained in this list potential reasons include duplicate email address invalid email address format duplicate or reused pass rfid pass rfid of an invalid length invalid user role invalid account or location invalid columns included in the import file missing required fields if you are happy with your import preview, click "import users" one last time to save all the "ready to import" users in stratosphere any errors can be handled individually and uploaded in a subsequent bulk import if you assigned any users the "website access" role, stratosphere will immediately send those users a system generated emails docid\ zinengg7ldducx8txlomk the import must be validated within 20 minutes, otherwise you will need to restart the import process again phone numbers and passrfid values may contain more than 10 characters many spreadsheet programs, including excel, will convert these numbers to scientific format to prevent this, convert the phone number and pass rfid columns to a number format of text, and the numbers will be preserved for accurate import from csv you can review the last 10 user imports, including the list of users that were already in system or had errors, by clicking "import users" from the top of the users page at any time here is an example csv used for user imports in stratosphere https //archbee doc uploads s3 amazonaws com/ ugidhuftimlpunh0oumr/euq8dzjtn3u7jmw82id9w example import file for users csv editing users editing users requires the "user management" role to be granted in your user record contact your system administrator to add this capability there are two options for editing a user option 1 on the users page, open the quick action menu for the user you wish to edit and select "edit" in the edit user window that opens, make any desired changes click "save changes" to save the edited record clicking "cancel" or the x in the top right of the window will remove any edits you just made but had not yet saved option 2 on the users page, click the user name link in the user details page, make any desired changes click "save changes" to save the edited record to cancel your edits, simply leave the user details page without saving deactivating users deactivating users requires the "user management" role to be granted in your user record contact your system administrator to add this capability deactivating a user instantly removes that user's access to the website or secured devices user settings will be preserved so that if the user is reactivated in the future, they will have all the same roles and locations by default there are two options for deactivating a user you cannot deactivate yourself option 1 on the users page, open the quick action menu for the user you wish to deactivate and select "deactivate" in the "deactivate user" confirmation window that appears, click "deactivate" to confirm the deactivation of the user this can be undone by reactivating the user at any time clicking "cancel" or the x in the top right of the window will not deactivate the user option 2 on the users page, click the user name link for the user you wish to deactivate on the user details page that opens, scroll to the bottom of the page and click "deactivate" in the "deactivate user" confirmation window that appears, click "deactivate" to confirm the deactivation of the user this can be undone by reactivating the user at any time clicking "cancel" or the x in the top right of the window will not deactivate the user activating users activating users requires the "user management" role to be granted in your user record contact your system administrator to add this capability activating a deactivated user instantly restores whatever access to the website or secured devices that the user has been granted they will be sent an system generated emails docid\ zinengg7ldducx8txlomk prompting them to reset their password, but all other user settings will be activated as though the user had never been deactivated there are two options for activating a user option 1 on the users page, open the quick action menu for the user you wish to activate and select "activate" in the "activate user" confirmation window that appears, click "activate" to confirm the activation of the user clicking "cancel" or the x in the top right of the window will not activate the user option 2 on the users page, click the user name link for the user you wish to activate on the user details page that opens, scroll to the bottom of the page and click "activate" in the "activate user" confirmation window that appears, click "activate" to confirm the activation of the user clicking "cancel" or the x in the top right of the window will not activate the user resending invites resending invites requires the "user management" role to be granted in your user record contact your system administrator to add this capability when a user is granted the "website access" role in their user record, stratosphere sends them an system generated emails docid\ zinengg7ldducx8txlomk with a link to set their password the email notifies them that this link will expire after 30 days for security reasons if the user has allowed the link to expire, or simply requests a new invite email because they cannot find the original, the invite email can be resent with a new 30 day link sending a new email will instantly invalidate the links in any previously sent invite emails (only 1 invite link can be active at any time) there are two methods for resending this user invite option 1 on the users page, open the quick action menu for the user you wish to resend the invite to and select "resend invite" in the "resend invite" confirmation window that appears, click "resend invite" to confirm the resend clicking "cancel" or the x in the top right of the window will not resend the invite option 2 on the users page, click the user name link for the user you wish to resend the invite to on the user details page that opens, scroll to the bottom of the page and click "resend invite" in the "resend invite" confirmation window that appears, click "resend invite" to confirm the resend clicking "cancel" or the x in the top right of the window will not cause an invite to be resent resetting passwords resetting passwords for other users requires the "user management" role to be granted in your user record contact your system administrator to add this capability once a user has set a password, you may want to force a reset if you believe their current password has been compromised, or if the user has requested their password be reset users can also reset their own password by clicking "forgot password" on the login page and entering their email address resetting a user's password instantly invalidates their existing password and sends a system generated emails docid\ zinengg7ldducx8txlomk to the user's email address, with a link to reset their password there are two methods for resetting a user's password option 1 on the users page, open the quick action menu for the user whose password you wish to reset and select "reset password " in the "reset password" confirmation window that appears, click "reset password" to confirm the reset clicking "cancel" or the x in the top right of the window will not reset the password option 2 on the users page, click the user name link for the user whose password you wish to reset on the user details page that opens, scroll to the bottom of the page and click "reset password" in the "reset password" confirmation window that appears, click "reset password" to confirm the reset clicking "cancel" or the x in the top right of the window will not reset the password