Stratosphere
Default Functions

Users

26min

A user is any individual who needs access to some part of the Stratosphere system. Users can range from system admins, with access to all roles and locations, to users who are assigned a pass to access secure device at one location and cannot access the website. Stratosphere was designed so that users would need to be granted the ability to see or edit only the data they need to do their job, and no more. This helps keep your data safe and your processes compliant with any privacy or regulatory requirements, such as FDA 21 CFR Part 11.

Viewing Users

Viewing Users requires the "User Management" role to be granted in your user record. Contact your system administrator to add this capability. Without this role, the Users screen will not appear in your menu.

Users are viewed and managed on the Users page available from the main menu.

Document image


To view a user's details, click the name of the user. The user details page displays the following information:

  • First Name* - The first name of the user.
  • Last Name* - The last name of the user.
  • Email* - A valid email address for the user. Email functions as the username when logging into Stratosphere and will also be used to send important Stratosphere messages, such as how to reset your password.
  • Time Zone - The local time zone that dates and times should be displayed as to the user. This setting will automatically match a user's browser by toggling on "Browser Specified Time Zone", or a time zone can be manually selected. This setting is configurable by users in their user profile.
  • Phone Number - The phone number the user can be contacted at. Currently Stratosphere will not send users any texts, but configurable text alerts may become available in the future.
  • Roles - Roles grant permissions to the user to take certain actions in the Stratosphere website.
    • Website Access - Without this role, the user will not be able to login to the Stratosphere website, regardless of which other roles or locations they may have. Once a user is granted this role, they will be sent a welcome email prompting them to set their password and login to Stratosphere for the first time. If this role is removed, they will receive an email informing them that their access has been revoked. Users with this role will be able to view the following:
      • Dashboard with the following info:
        1. Total inventory
        2. Transactions in the last 7 days
        3. Items expiring in the next 30 days
        4. Removed items needing disposition. This only appears if Item Disposition is enabled for the organization.
        5. Item exceptions. This only appears if Item Disposition is enabled for the organization.
        6. Inventory at location more than # of days. This only appears if Slow Moving Inventory is enabled for the organization.
        7. Product Par Levels. This only appears if Par Levels is enabled for the organization.
        8. Kanban Restock. This only appears if Kanban Inventory Management is enabled for the organization.
      • Locations page, with only the user's assigned locations visible.
      • Devices page, with only the devices belonging to the user's assigned locations visible.
      • Aliases page, with only the aliases belonging to the user's assigned locations visible. This only appears if Aliases is enabled for the organization.
      • Package Integrity page, with only package integrity documentation at user's assigned locations visible. This only appears if Package Integrity is enabled for the organization.
      • Cases page, with the ability to create, edit, delete, and submit cases for the user's assigned locations. This only appears if Case Management is enabled for the organization.
      • The following Reports:
        1. Detailed Inventory Report
        2. Expiring Items Report
        3. Inventory Exceptions (if Item Disposition feature is enabled for the organization)
        4. Inventory Summary Report
        5. Kanban Inventory Report (if the Kanban Inventory Management feature is enabled for the organization)
        6. Kanban Restock Report (if the Kanban Inventory Management feature is enabled for the organization)
        7. Par Levels Report (if the Par Levels feature is enabled for the organization)
        8. Removed Items Report
        9. Slow Moving Inventory Report (if the Slow Moving Inventory feature is enabled for the organization)
        10. Temperature Report
        11. Transaction Report
    • Organization Management - Grants access to the Organization page, where the organization's name, address, support info, and logo can be edited. Also grants the ability to add or remove optional features, such as Aliases and Package Integrity, for the organization. This role also grants access to the Key Management page for managing organization keys for use with the Stratosphere API.
    • User Management - Grants access to the Users page and all its functions, including viewing, adding, editing, deactivating, and reactivating users.
    • Device and Location Management - Grants full access and control of the Accounts, Devices, Kanban Read Points, Locations, Par Levels, and Aliases records. Users with this role can view, add, edit, or delete any device, kanban read point, location, par level, or alias. Aliases, Kanban Inventory Management, and Par Levels are optional features enabled at the organization level.
    • Product Management - Grants access to the Product Catalog page and all its functions, including viewing, adding, editing, or removing RFID Products and, if enabled, Non-RFID Products. This role also grants access to view, add, edit, and delete Barcode Regexes. This role also grants access to view, add, edit, and delete bins for the user's assigned locations for Kanban Inventory Management. Kanban Inventory Management is an optional feature enabled at the organization level.
    • Item Management - Grants access to the Items page and all its functions, including viewing, adding, editing, and deleting RFID tagged items.
    • Auditing - Allows total access to the searchable, sortable, downloadable Audit Log Report, which tracks every change to every record in the Stratosphere system.
    • Package Integrity Management - Allows access to view all removal transactions that require package integrity documentation. Users with this role can also edit package integrity documentation. Will only be an option if Package Integrity is enabled for your organization.
    • Case Management - Allows access to save submitted cases as drafts within the user's permitted accounts and locations. Allows access to view, edit, and submit cases created by other users within the user's permitted accounts and locations. Allows access to create, modify, and deactivate Surgeons and Procedures. Will only be an option if Case Management is enabled for your organization.
  • Permitted Accounts/Locations - The list of all accounts and locations the user is permitted to view when logging into Stratosphere. Devices assigned to these accounts and locations, along with all inventory and sensor data, will also be visible in Stratosphere. A user can physically access devices assigned to these accounts and locations with their Pass, regardless of whether they have the website access role.
  • Pass RFID - The RFID value of the Pass used to access secure devices. Passes supplied by Terso will always have 10-digit RFID values that can contains both numbers and letters, and the field can support values of 10-40 characters for passes from alternate suppliers. Secured devices that are assigned to this user's assigned locations will be updated to accept this pass. A Pass RFID must be unique and can only be assigned to a single user. A Pass RFID cannot be deactivated for one user and reactivated for another.
  • Pass Name - A visual identifier for the pass. Passes supplied by Terso will always have a unique 6-digit code printed on the back of the pass that should be used as the Pass Name. This field is not used by devices to determine access, it is purely for human identification of the pass.
  • Deactivate Pass - If the user has an associated Pass RFID, a button will be present labelled "Deactivate Pass". This can be used to revoke the user's pass access to all devices in their permitted accounts and locations.

* = Required

Summary of Roles and the Permissions They Grant

Default Features

Roles ->

Website Access

Organization Management

User Management

Device and Location Management

Product Management

Item Management

Accounts

View, Add, Edit, Delete All

Locations

View Assigned1

View, Add, Edit, Delete All

Devices

View Assigned1

View, Add, Edit, Delete All

Users

View, Add, Edit, Delete All

Product Catalog

View, Add, Edit, Deactivate All

Barcode Regex

View, Add, Edit, Delete All

Items

View, Add, Edit, Delete All

Organization Settings & Features

View, Edit

Premium Features

Roles ->

Website Access

Organization Management

Device and Location Management

Product Management

Package Integrity Management

Case Management

Kanban Read Points

View Assigned1,2

View, Add, Edit, Delete All2

Aliases

View Assigned1,3

View, Add, Edit, Delete All3

Non-RFID Product Catalog

View, Add, Edit, Deactivate All2

Par Levels

View, Add, Edit, Delete All4

Package Integrity

View Assigned1,5

View, Add, Edit, Delete All5

Cases

View, Create, Edit, Submit, Delete Assigned1,6

View, Edit, Delete, Submit, Unsubmit All6

Surgeons

View, Edit, Disable All6

Procedures

View, Edit, Disable All6

Key Management

View, Edit, Delete All

Reports

Roles ->

Website Access

Device and Location Management

Product Management

Item Management

Auditing

Audit Log

View All Record Types

Detailed Inventory

View Assigned1

View All

Expiring Items

View Assigned1

View All

Inventory Exceptions

View Assigned1,7

View All7

Inventory Summary

View Assigned1

View All

Kanban Inventory Summary

View Assigned1,2

View All2

Kanban Restock

View Assigned1,2

View All2

Par Levels

View Assigned1,4

View All4

Removed Items

View Assigned1

View All

Slow Moving Inventory

View Assigned1,8

View All8

Temperature

View Assigned1

View All

Transaction

View Assigned1

View All

Unassociated Tags

View Assigned, Hide Assigned, Associate Tags As Bins for Assigned Locations2

View All, Hide All, Associate Tags As Items

1 - "View Assigned" means that a user with just the Website Access role will only be able to view information that directly relates to their assigned locations. For example, if a user is assigned to one location, and that location contains two devices, then they will be able to see the records that are tied to that location or its two devices. Information that relates to non-assigned locations and their devices and inventory will be hidden from users who only possess the Website Access role.

2 - Functionality available if the Kanban Inventory Management optional feature is enabled for the organization.

3 - Functionality available if the Aliases optional feature is enabled for the organization.

4 - Functionality available if the Par Levels optional feature is enabled for the organization.

5 - Functionality available if the Package Integrity optional feature is enabled for the organization.

6 - Functionality available if the Case Management optional feature is enabled for the organization.

7 - Functionality available if the Item Disposition optional feature is enabled for the organization.

8 - Functionality available if the Slow Moving Inventory optional feature is enabled for the organization.

Adding Users

Adding Users requires the "User Management" role to be granted in your user record. Contact your system administrator to add this capability.

We recommend only adding users who have been trained in using the system and are aware of their responsibilities. Add users with their legal names and personal work emails, not shared inboxes. This increases security and personal responsibility and enhances the value of auditing in the system. We also recommend that users are granted as few roles as are necessary to fulfill their job function.

Adding Single Users

To add a single user:

  1. Press "Add User" in the top left of the Users page.
    Document image
    
  2. Enter the user's First Name.
  3. Enter the user's Last Name
  4. Enter the user's Email Address. The email must be valid and unique.
  5. Click "optional information" to enter additional information about the user.
    1. Note: While the user can be saved without this "optional" information, the user will not have access to the website or secured devices until they are also assigned the appropriate roles, locations, and pass. See the Viewing Users section of this article for more details on each field.
  6. Click Save Changes to finish adding the user. If you assigned the "Website Access" role, Stratosphere will immediately send that user a welcome email.

Bulk Importing Users

Stratosphere supports importing users from a CSV file, so that you can create users in bulk.

There is no way to undo a bulk import, other than to edit or remove users from Stratosphere individually. When bulk importing, verify the accuracy of the import. Double-check to ensure that the data in the uploaded file is accurate. After importing the file, but before saving the imported records, open the "Ready to Import" section and verify that the columns are mapped appropriately and the data is exactly as you want it.

  1. Select "Import Users" at the top of the Users page.
  2. "Choose File" and select a file containing the users you want to import. The file must meet the following requirements:
    1. .CSV file format
    2. Less than 1 MB file size
    3. Fewer than 500 users to import
    4. Contain columns titled "First Name", "Last Name", "Email", "Phone Number", "Roles", "Permitted Accounts", "Permitted Locations", "Pass RFID", and "Pass Name".
      1. First Name - The user's first name. This field is required.
      2. Last Name - The user's last name. This field is required.
      3. Email - The user's email address. This field is required. Each user's email address must be unique.
      4. Phone Number - The user's phone number. This field is not required.
      5. Roles - the Stratosphere user roles that should be granted to the user. Enter a list of roles, separated by semicolon. This field is not required. For more information on roles, see the Roles section of this guide.
      6. Permitted Accounts - The account numbers to which the user should be granted access. Enter a list of account numbers, separated by semicolon. Granting a user access to an account will grant the user access to all locations within that account. This field is not required.
      7. Permitted Locations - The location names to which the user should be granted access. Enter a list of location names, separated by semicolon. This field is not required.
      8. Pass RFID - The 10-40 character value of the Pass used by the user to access secure devices. This field is not required.
      9. Pass Name - A visual identifier for the user's pass. This field is not required.
  3. Once a file is chosen, select "Import Users". If your list of users is large (hundreds of users), it may take a minute to import.
    Document image
    
  4. Before saving the import, validate that the import was completed as expected by reviewing the three lists:
    1. Ready to Import - These users were successfully read from the file.
    2. Already in System - These users were successfully read from the file, but they already exist in Stratosphere and will be skipped in the import to avoid duplication.
    3. Errors - These users were not successfully read from the file. Where possible, the reason for the error will be explained in this list. Potential reasons include:
      1. Duplicate email address
      2. Invalid email address format
      3. Duplicate or reused Pass RFID
      4. Pass RFID of an invalid length
      5. Invalid user role
      6. Invalid Account or Location
      7. Invalid columns included in the import file
      8. Missing required fields
  5. If you are happy with your import preview, click "Import Users" one last time to save all the "Ready to Import" users in Stratosphere. Any errors can be handled individually and uploaded in a subsequent bulk import.
  6. If you assigned any users the "Website Access" role, Stratosphere will immediately send those users a welcome email.

The import must be validated within 20 minutes, otherwise you will need to restart the import process again.

Phone numbers and PassRFID values may contain more than 10 characters. Many spreadsheet programs, including Excel, will convert these numbers to scientific format. To prevent this, convert the Phone Number and Pass RFID columns to a number format of Text, and the numbers will be preserved for accurate import from CSV.

Document image


You can review the last 10 User Imports, including the list of users that were Already in System or had Errors, by clicking "Import Users" from the top of the Users page at any time.

Document image


Here is an example CSV used for user imports in Stratosphere:

Editing Users

Editing Users requires the "User Management" Role to be granted in your user record. Contact your system administrator to add this capability.

There are two options for editing a user.

Option 1

  1. On the users page, open the quick action menu for the user you wish to edit and select "Edit".
    Document image
    
  2. In the Edit User window that opens, make any desired changes.
  3. Click "Save Changes" to save the edited record. Clicking "Cancel" or the X in the top right of the window will remove any edits you just made but had not yet saved.

Option 2

  1. On the users page, click the user name link.
    Document image
    
  2. In the User details page, make any desired changes.
  3. Click "Save Changes" to save the edited record. To cancel your edits, simply leave the user details page without saving.

Deactivating Users

Deactivating Users requires the "User Management" Role to be granted in your user record. Contact your system administrator to add this capability.

Deactivating a user instantly removes that user's access to the website or secured devices. User settings will be preserved so that if the user is reactivated in the future, they will have all the same roles and locations by default. There are two options for deactivating a user. You cannot deactivate yourself.

Option 1

  1. On the users page, open the quick action menu for the user you wish to deactivate and select "deactivate".
    Document image
    
  2. In the "Deactivate User" confirmation window that appears, click "Deactivate" to confirm the deactivation of the user. This can be undone by reactivating the user at any time. Clicking "Cancel" or the X in the top right of the window will not deactivate the user.

Option 2

  1. On the users page, click the user name link for the user you wish to deactivate.
    Document image
    
  2. On the user details page that opens, scroll to the bottom of the page and click "Deactivate".
  3. In the "Deactivate User" confirmation window that appears, click "Deactivate" to confirm the deactivation of the user. This can be undone by reactivating the user at any time. Clicking "Cancel" or the X in the top right of the window will not deactivate the user.

Activating Users

Activating Users requires the "User Management" Role to be granted in your user record. Contact your system administrator to add this capability.

Activating a deactivated user instantly restores whatever access to the website or secured devices that the user has been granted. They will be sent an email prompting them to reset their password, but all other user settings will be activated as though the user had never been deactivated. There are two options for activating a user.

Option 1

  1. On the users page, open the quick action menu for the user you wish to activate and select "Activate"
    Document image
    
  2. In the "Activate User" confirmation window that appears, click "Activate" to confirm the activation of the user. Clicking "Cancel" or the X in the top right of the window will not activate the user.

Option 2

  1. On the Users page, click the user name link for the user you wish to activate.
    Document image
    
  2. On the User Details page that opens, scroll to the bottom of the page and click "Activate".
  3. In the "Activate User" confirmation window that appears, click "Activate" to confirm the activation of the user. Clicking "Cancel" or the X in the top right of the window will not activate the user.

Resending Invites

Resending Invites requires the "User Management" Role to be granted in your user record. Contact your system administrator to add this capability.

When a user is granted the "Website Access" role in their user record, Stratosphere sends them an invite email with a link to set their password. The email notifies them that this link will expire after 30 days for security reasons. If the user has allowed the link to expire, or simply requests a new invite email because they cannot find the original, the invite email can be resent with a new 30-day link. Sending a new email will instantly invalidate the links in any previously sent invite emails (only 1 invite link can be active at any time). There are two methods for resending this user invite:

Option 1

  1. On the Users page, open the quick action menu for the user you wish to resend the invite to and select "Resend Invite":
    Document image
    
  2. In the "Resend Invite" confirmation window that appears, click "Resend Invite" to confirm the resend. Clicking "Cancel" or the X in the top right of the window will not resend the invite.

Option 2

  1. On the users page, click the user name link for the user you wish to resend the invite to.
    Document image
    
  2. On the user details page that opens, scroll to the bottom of the page and click "Resend Invite".
  3. In the "Resend Invite" confirmation window that appears, click "Resend Invite" to confirm the resend. Clicking "Cancel" or the X in the top right of the window will not cause an invite to be resent.

Resetting Passwords

Resetting Passwords for other users requires the "User Management" Role to be granted in your user record. Contact your system administrator to add this capability.

Once a user has set a password, you may want to force a reset if you believe their current password has been compromised, or if the user has requested their password be reset. Users can also reset their own password by clicking "Forgot Password" on the login page and entering their email address. Resetting a user's password instantly invalidates their existing password and sends a "Reset Password" email to the user's email address, with a link to reset their password. There are two methods for resetting a user's password:

Option 1

  1. On the Users page, open the quick action menu for the user whose password you wish to reset and select "Reset Password."
    Document image
    
  2. In the "Reset Password" confirmation window that appears, click "Reset Password" to confirm the reset. Clicking "Cancel" or the X in the top right of the window will not reset the password.

Option 2

  1. On the users page, click the user name link for the user whose password you wish to reset.
    Document image
    
  2. On the user details page that opens, scroll to the bottom of the page and click "Reset Password".
  3. In the "Reset Password" confirmation window that appears, click "Reset Password" to confirm the reset. Clicking "Cancel" or the X in the top right of the window will not reset the password.