A user is any individual who needs access to some part of the Stratosphere system. Users can range from system admins with access to all roles and locations, down to users who are simply assigned a pass to access secure device at one location, and cannot even access the website. Stratosphere was designed so that users would only need to be granted the ability to see or edit the data they need to do their job, and no more. This helps keep your data safe, and your system compliant with any privacy or regulatory requirements, such as FDA 21 CFR Part 11. 

Viewing Users

Viewing Users requires the "User Management" role to be granted in your user record. Contact your system administrator to add this capability. Without this role, the Users screen will not even appear in your menu.

Users are viewed and managed on the Users page available from the main menu.

To view a user's details, click the name of the user. In the details page you will all the available information for that user, including:

  • First Name* - The first name of the user.
  • Last Name* - The last name of the user.
  • Email* - A valid email address for the user. Email functions as the username when logging into Stratosphere and will also be used to send important Stratosphere messages, such as how to reset your password.
  • Time Zone* - The local time zone that dates and times should be displayed as to the user. This setting will be configurable by users in their user profile.
  • Phone Number - The phone number the user can be contacted at. Currently Stratosphere will not send users any texts, but configurable text alerts may become available in the future. 
  • Roles - Roles grant permissions to the user to take certain actions in the Stratosphere website.
    • Website Access - Without this role, the user will not be able to login to the Stratosphere website, regardless of which other roles or locations they may have. Once a user is granted this role, they will be sent a welcome email prompting them to set their password and login to Stratosphere for the first time. If this role is removed, they will receive an email informing them that their access has been revoked. Users with this role will be able to view the following:
      • Dashboard with the following info:
        1. total inventory
        2. transactions in the last 7 days
        3. expiring items in the next 30 days
      • Locations page, with only the user's assigned locations visible.
      • Devices page, with only the devices belonging to the user's assigned locations visible.
      • Aliases page, with only the aliases belonging to the user's assigned locations visible. This only appears if Aliases are enabled for the organization.
      • Package Integrity page, with only package integrity documentation's at user's assigned locations visible. This only appears if package integrity is enabled for the organization.
      • The following Reports:
        1. Transaction Report
        2. Expiring Items Report
        3. Product Summary Report
        4. Detailed Inventory Report
        5. Temperature Report
    • Organization Management - Grants permission to the Organization page, where the Organizations name, address, support info, and logo can be edited. Also grants the ability to add or remove optional features for the whole organization, such as auditing and package integrity.
    • User Management - Grants access to the Users page and all its functions, such as viewing, adding, editing, deactivating, and reactivating users.
    • Device and Location Management - Grants full access and control of the DevicesLocations. and Aliases records. Users with this role can view, add, edit, or delete any device, location, or alias.
    • Product Management - Grants access to the Product Catalog page and all its functions, such as viewing, adding, editing, or removing products from the catalog. Also allows viewing, adding, editing, and deleting of Barcode Regexes.
    • Item Management - Grants access to the Items page and all its functions, such as viewing, adding, editing, or deleting items.
    • Auditing - Allows total access to the searchable, sortable, downloadable Audit Log Report, which tracks every change to every record in the Stratosphere system. This will only be an option if System Auditing is enabled for your organization.
    • Package Integrity - Allows access to view all removal transactions that require package integrity documentation. Users with this role can also edit package integrity documentation. Will only be an option if Package Integrity is enabled for your organization.
  • Assigned Locations - The list of all location's the user is permitted to view when logging into Stratosphere. Devices assigned to these locations, along with all inventory and sensor data will also be visible in Stratosphere. A user can physically access devices assigned to these locations with their Pass, regardless of whether they have the website access role.
  • Pass RFID - The RFID value of the Pass used to access secure devices. Passes supplied by Terso will always have 10-digit RFID values that can contains both numbers and letters. Secured devices that are assigned to this user's assigned location's will be updated to accept this pass.
  • Pass Name - A visual identifier for the pass. Passes supplied by Terso will always have a unique 6-digit code printed on the back of the pass that should be used as the Pass Name. This field is not used by devices to determine access, it is purely for human identification of the pass.
  • Last Login Date - This is the last date and time that the user successfully logged in to Stratosphere.
  • Active - This value is either True or False. An active (or reactivated) user will display a value of "True". A deactivated user will display "False". The active flag being "False" invalidates any and all roles or locations assigned to the user. If the deactivated user tries to login, they will be told their email address of password is incorrect. Their pass will no longer grant them access to any secured devices.

* = Required

Summary of Roles and the Permissions They Grant

Roles ->Website AccessOrganization ManagementUser ManagementDevice and Location ManagementProduct ManagementItem ManagementPackage Integrity ManagementAuditing
LocationsView Assigned1

View, Add, Edit, Delete All



DevicesView Assigned1

View, Add, Edit, Delete All



AliasesView Assigned1

View, Add, Edit, Delete All



Users

View, Add, Edit, Delete All




Product Catalog



View, Add, Edit, Delete All


Barcode Regex



View, Add, Edit, Delete All


Items




View, Add, Edit, Delete All

Package IntegrityView Assigned1




View, Add, Edit, Delete All
Organization Settings & Features
View, Edit





Reports







TransactionView Assigned1

View All



Slow Moving InventoryView Assigned1

View All



Unassociated Tags




View All

Expiring ItemsView Assigned1

View All



Inventory SummaryView Assigned1

View All



Detailed InventoryView Assigned1

View All



TemperatureView Assigned1

View All



Audit Log






View All

1 - "View Assigned" means that a user with just the Website Access role will only be able to view information that directly relates to their assigned locations. For example, if a user is assigned to one location, and that location contains two devices, then they will be able to see the records that are tied to that location or its two devices. Put another way, information that relates to non-assigned locations and their devices and inventory will be hidden from user's who only possess the Website Access role.

Adding Users

Adding Users requires the "User Management" role to be granted in your user record. Contact your system administrator to add this capability.

We recommend only adding users who have been trained in using the system and are aware of their responsibilities. Add users with their legal names and personal work emails, not shared inboxes. This increases security, personal responsibility, and enhances the value of auditing in the system.

To add a user,

  1. Press "Add User" in the top left of the Users page.
    1. You can also "Add User" from the Master Add menu located in the top right, from any page.
  2. Enter the user's First Name.
  3. Enter the user's Last Name
  4. Enter the user's Email Address. The email must be valid and unique.
  5. Select a Time Zone. If you are not sure which time zone a user belongs to, just leave it as the default (your own time zone). Users can always change their own time zone in their User Profile.
  6. Click "optional information" to enter additional information about the user.

    While the user can be saved without this "optional" information, the user will not have access to the website or secured devices until they are also assigned the appropriate roles, locations, and pass. See the 'Viewing Users' section of this article for more details on each field. 

  7. Click Save Changes to finish adding the user. If you assigned the "Website Access" role, Stratosphere will immediately send that user a welcome email.

Editing Users

Editing Users requires the "User Management" Role to be granted in your user record. Contact your system administrator to add this capability.

There are two options for editing a user.

Option 1

  1. On the users page, open the quick action menu for the user you wish to edit and select "Edit".
  2. In the Edit User window that opens, make any desired changes.
  3. Click "Save Changes" to save the edited record. Clicking "Cancel" or the X in the top right of the window will remove any edits you just made but had not yet saved.

Option 2

  1. On the users page, click the user name link

  2. In the User details page, make any desired changes.
  3. Click "Save Changes" to save the edited record. To cancel your edits, simply leave the user details page without saving.

Deactivating Users

Deactivating Users requires the "User Management" Role to be granted in your user record. Contact your system administrator to add this capability.

Deactivating a user instantly removes that user's access to the website or secured devices. User settings will be preserved so that if the user is reactivated in the future, they will have all the same roles and locations by default. There are two options for deactivating a user. You cannot deactivate yourself.

Option 1

  1. On the users page, open the quick action menu for the user you wish to deactivate and select "deactivate"

  2. In the "Deactivate User" confirmation window that appears, click "Deactivate" to confirm the deactivation of the user. This can be undone by reactivating the user at any time. Clicking "Cancel" or the X in the top right of the window will not deactivate the user.

Option 2

  1. On the users page, click the user name link for the user you wish to deactivate.

  2. On the user details page that opens, scroll to the bottom of the page and click "Deactivate".
  3. In the "Deactivate User" confirmation window that appears, click "Deactivate" to confirm the deactivation of the user. This can be undone by reactivating the user at any time. Clicking "Cancel" or the X in the top right of the window will not deactivate the user.

Activating Users

Activating Users requires the "User Management" Role to be granted in your user record. Contact your system administrator to add this capability.

Activating a deactivated user instantly restores whatever access to the website or secured devices that the user has been granted. They will be sent an email prompting them to reset their password, but all other user settings will be activated as though the user had never been deactivated. There are two options for activating a user.

Option 1

  1. On the users page, open the quick action menu for the user you wish to activate and select "Activate"

  2. In the "Activate User" confirmation window that appears, click "Activate" to confirm the activation of the user. Clicking "Cancel" or the X in the top right of the window will not activate the user.

Option 2

  1. On the Users page, click the user name link for the user you wish to activate.

  2. On the user details page that opens, scroll to the bottom of the page and click "Activate".
  3. In the "Activate User" confirmation window that appears, click "Activate" to confirm the activation of the user. Clicking "Cancel" or the X in the top right of the window will not activate the user. 

Resending Invites

Resending Invites requires the "User Management" Role to be granted in your user record. Contact your system administrator to add this capability.

When a user is granted the "Website Access" role in their user record, Stratosphere sends them an invite email with a link to set their password. The email notifies them that this link will expire after 30 days for security reasons. If the user has allowed the link to expire, or simply requests a new invite email because they cannot find the original, the invite email can be resent with a new 30-day link. Sending a new email will instantly invalidate the links in any previously sent invite emails (only 1 invite link can be active at any time). There are two methods for re-sending this user invite:

Option 1

  1. On the Users page, open the quick action menu for the user you wish to resend the invite to and select "Resend Invite"

  2. In the "Resend Invite" confirmation window that appears, click "Resend Invite" to confirm the resend. Clicking "Cancel" or the X in the top right of the window will not resend the invite.

Option 2

  1. On the users page, click the user name link for the user you wish to resend the invite to.

  2. On the user details page that opens, scroll to the bottom of the page and click "Resend Invite".
  3. In the "Resend Invite" confirmation window that appears, click "Resend Invite" to confirm the resend. Clicking "Cancel" or the X in the top right of the window will not cause an invite to be resent.

Resetting Passwords

Resetting Passwords requires the "User Management" Role to be granted in your user record. Contact your system administrator to add this capability.

Once a user has set a password, you may want to force a reset if you believe their current password has been compromised, or the user has requested their password be reset. Users can also reset their own password by clicking "Forgot Password" on the login page and entering their email address. Resetting a user's password instantly invalidates their existing password and sends a "Reset Password" email to the user's email address, with a link to reset their password. There are two methods for resetting a user's password:

Option 1

  1. On the users page, open the quick action menu for the user whose password you wish to reset and select "Reset Password"

  2. In the "Reset Password" confirmation window that appears, click "Reset Password" to confirm the reset. Clicking "Cancel" or the X in the top right of the window will not reset the password.

Option 2

  1. On the users page, click the user name link for the user whose password you wish to reset.

  2. On the user details page that opens, scroll to the bottom of the page and click "Reset Password".
  3. In the "Reset Password" confirmation window that appears, click "Reset Password" to confirm the reset. Clicking "Cancel" or the X in the top right of the window will not reset the password.