# User Access
Mobsted platform allows to manage user access to the platform and to Mobsted PWA apps.
\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_
### **MANAGE MOBSTED PLATFORM USER ACCESS**
To get access to the platform a user needs to be added to **Users** section of the platform. **Users** section is available from any screen in the main menu on the right. Users are set for all apps in the tenant.
To add the new user:
1. Navigate to **Users** section and click **Add New User**.
2\. Fill in the fields in the pop up:
* User Name: this is mandatory field.
* Email: email address entered here is used for logging in and receiving system notifications. This is mandatory field.
* Password: create password to log in. This is mandatory field.
* Phone: phone number entered here is used for logging in and receiving system notifications. This is mandatory field.
* PIN: same thing as password, can be used instead. This is mandatory field.
* Autodetect Timezone: checkbox to automatically detect the timezone based on your location.
**Possible actions with users:**
* **Edit**: change the data in user profile
* **Invite**: send the link to user via email to get access to the platform
* **Copy**: copy user
* **Delete**: remove user from the platform.
\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_
### **MANAGE MOBSTED PWA APP USER ACCESS**
App users get access to app by common or personal access links (URLs) distributed via [distribution mechanism. ](https://mobsted-2.gitbook.io/knowledge-base/app_distribution)
You can define user access rules and restrictions in **Security** section of the platform. The setup is to be done for each of your apps on the platform.
**App user access security settings allows to:**
1. Define which users can access the app
* **Anyone without registration**: anyone with URL can access the app
* **Anyone after registration and authentication**: anyone with URL can open the app but gets access after authentication
{% hint style="warning" %}
**Note**: when any of the above option is set you will get **Common Access Link** (URL) and QR code with URL appearing on the top left.
{% endhint %}
* **Only those added by me**: each user gets a unique URL and accesses the app after authentication.
{% hint style="warning" %}
**Note**: this option requires to create user in [Objects](https://mobsted-2.gitbook.io/knowledge-base/objects), user’s unique URL will be generated in **LoginUrl** field.
{% endhint %}
2\. Define user authentication method and rules
Platform supports two basic authentication methods:
* **Email**: user will be requested to enter email address to receive one-time access code. The code is set to be active for 300 sec.
* **SMS**: user will be requested to enter phone number to receive one-time access code. The code is set to be active for 180 sec.
{% hint style="warning" %}
**Note**: these options require to create user in [Objects](https://mobsted-2.gitbook.io/knowledge-base/objects) and fill in **Email** or **Phone** fields with user’s email address or phone number.
{% endhint %}
Authentication via Email or SMS is automatically set to be active for 3 months, you can change the period in **Account** settings by clicking **Set another lifetime** button.
3\. Define Return Visitor Timeout time
This option allows to limit the time the user is inactive in the app and set additional steps to grant access:
* PIN code: set the PIN in the relevant field in Objects
* IP-address: check the box and scroll the screen up to set IP mask range.
### **MENTIONED ARTICLES**
* [Objects](https://mobsted-2.gitbook.io/knowledge-base/objects)
* [App distribution](https://mobsted-2.gitbook.io/knowledge-base/app_distribution)
