Once your Secure Code Warrior® account is all set-up, it’s time to add some users.
You can add users manually, import a .CSV, enable Single-SignOn, programmatically with our REST API. Users can also self-register.
In this article, we will explain how to bulk import users. Check out the video below, or keep scrolling to read through a guide on how you can do this quickly.
- Download Format for Upload
- Prepare User Data in the Template
- Verify Data Integrity in File
- Save as CSV and Upload
For new customers, we recommend that Company Administrators download the user list for a quick and easy way to get a template of the upload format you’ll need for your user data.
Note: For existing customers, this process will download your existing user list in the same format needed for the bulk upload. As a ‘just-in-case’ tip, we highly recommend downloading and saving the current user list before uploading a new one. (More on that in Step 4).
Now that you’ve got your user list downloaded, crack it open and check out the formatting to start familiarizing yourself with it.
When bulk inviting users to Secure Code Warrior, you only need to make one master sheet with all the necessary information.
|Mandatory Information||Optional Information|
Before starting: Delete the ‘Last Logged In’ column as you won’t need this for a user upload.
Email is the unique User ID in Secure Code Warrior. When creating your list of emails, please verify they’re all correct. No misspellings or duplicates allowed; that’ll make your life harder.
- Including the same user with two different email domains is considered a duplicate
- Check that there are no spaces at the end of email addresses
When using SSO, make sure you’re including a user’s primary email. It has to match the email sent out by SSO for authentication. If the addresses don’t match, it can lead to login issues or duplicate users in the system and no one wants that to happen.
Two important notes:
- Email addresses must be entirely lowercase (eg: firstname.lastname@example.org)
- Duplicate email addresses must be removed from the CSV before uploading
There are three role types in the Secure Code Warrior platform. Each user needs to be assigned a role to determine their permission levels.
- Team Manager
- Company Administrator
When assigning a user role in the report, double-check spelling that is correct and consistent before uploading. As before, it should be all lowercase letters.
In the platform, users are grouped into separate teams which helps keep things organized, especially for bigger developer groups.
All Developer and Team Manager roles need to be assigned to a team, but Company Administrators shouldn’t be assigned to one.
While a team doesn’t need a Team Manager, you can assign one or more per team to make things easier (like completing password resets). This is more important for larger groups or if you have several teams across multiple locations.
Note: Teams do not need to be created ahead of time; if the team does not exist on the platform, it will be created automatically. Make sure team names are spelled the same throughout the file, including case-sensitive letters, etc.
Tags are an optional addition designed to give you further grouping capabilities. Using the one column, you can include more than one tag per user by separating them with semicolons.
- Example: tag1; tag2
Note the space after the semicolon in the above example. Tags are visible both in the platform and in reporting downloads.
Pro Tip: When using more than one tag, we strongly recommend they’re kept in the exact same order for each user.
|John Shepard||tag1; tag2|
|Jane Shepard||tag1; tag2|
This makes it easier to parse your data in report downloads and, as an added bonus, it gives a nice consistent look in the platform. You’ll thank yourself for doing this.
As usual, make sure tags are consistent throughout the template, including spelling and case sensitive letters.
As you know, it’s super important that your data is accurate, consistent, and complete when creating a bulk upload file. Before going forward, run through this checklist.
|✅||Email addresses are all spelled correctly|
|✅||Email addresses are all in lowercase|
|✅||No duplicate email addresses (Includes one user with multiple email addresses)|
|✅||Roles have been assigned|
|✅||Role spelling is correct|
|✅||Role names are all in lowercase|
|✅||Team names are spelled correctly throughout the file|
|✅||Team names are consistent including letter case|
|✅||Tags are spelled correctly|
|✅||Tags are consistent including letter case|
|✅||Tags are in one column|
|✅||Multiple tags are separated with a semicolon (tag1; tag2)|
|✅||Tags are in the same order for all users|
Now that you’ve created and verified the perfect user file, save it as a .CSV.
Top tip: Consider using a naming convention and file location that will help you easily manage different versions of this list over time.
As a Company Admin, go to the Administration tab in the upper right corner of the Secure Code Warrior platform.
Select MORE then click Management CSV.
Click UPLOAD FILE
Choose your CSV file to upload users to the platform.
Note that you can also download your users in the current state, the same as the report in the Reports tab, here.
Once you upload the .CSV file, Secure Code Warrior will check for basic errors like invalid email addresses or incorrect role values.
- Less than 10 errors: The process will let you correct the errors instantly in the platform
- More than 10 errors: The platform will ask you to fix the errors in the .CSV and upload the file again after saving the changes
This is where all your hard work will pay off. Future You will give Past You a hearty pat on the back for setting up the file so carefully.
If you try to upload a new user list .CSV file and the platform finds errors, it may be due to spelling or letter case not matching what’s already in the system. Doing this may inadvertently create more teams and/or tags based on those mismatches, and no one wants that.
Tip: Downloading the current user list beforehand gives you a chance to cross-reference your new and current lists to make sure all existing teams and tags are matched exactly.
The platform will then check if there are:
- Existing Users in the .CSV - If there are, you’ll be asked if you’d like to update these existing users with the new role, team, and tag(s) defined in the new file
- Users currently in the platform that are not in the .CSV - If there are, you’ll be asked if you’d like to disable these users.
Note: Disabling users will remove their access, but won’t delete their data.
To delete user records entirely, you’ll have to go to each user individually from the Administration tab. Disabled users can be re-enabled and their data will be intact. However, once a user is deleted, their data is lost, so tread carefully.
After these checks, you’ll get a preview of the ‘New Users’, ‘Disabled Users’, and ‘Updated Users’ broken down into separate tabs with their subsequent role, team, and tag(s).
After checking the preview thoroughly, you click to confirm.
- New Users will be added to the platform as designated in the file.
They will automatically be sent an email from Secure Code Warrior to accept their platform invitation and complete their account set-up
- For Customers with Federation/SSO: This email will auto-direct users to your specified URL for authentication via your SSO process. They will then get access to Secure Code Warrior where they’ll be prompted to complete their account set-up
- Existing Users will be updated based on the role, team, and tag(s) designated in the file
- Disabled Users will no longer be able to access the platform but will be kept in the platform with their data intact.