Manage User Accounts in the WatchGuard Portal

From the Manage Users page in the WatchGuard Portal, you can see and manage user accounts in your WatchGuard Portal account. For each user account, you can also manage permissions, which control whether each user can manage specific aspects of your WatchGuard Portal account and your WatchGuard cloud-based applications.

To edit users in the WatchGuard Portal, your user account must have the Admin User Management role.

If you have a tier-1 account A WatchGuard Cloud account that is associated with a company account on the WatchGuard Portal is a tier-1 account., you manage your operators in the Support Center. If you do not have a tier-1 account, you can manage operators in WatchGuard Cloud. For more information, see Manage WatchGuard Cloud Operators.

From the Manage Users page you can:

• See the User Accounts List
• See Your User Management Permissions
• Edit User Account Information and Permissions
• Create a New User Account
• Resend a User Account Invitation
• Delete a User Account
• See the Audit Log

See the User Accounts List

Users who register without an invitation cannot access your WatchGuard Portal account. To add the user to your account, contact Customer Care and request an account merge. For more information on how to invite users, see Create a New User Account.

To manage the users in your WatchGuard Portal account:

1. Go to www.watchguard.com and log in to the WatchGuard Portal with your WatchGuard user account credentials.
2. In the Support Center, select My WatchGuard > Manage Users.
   The Manage Users page appears with a list of all users in your account.

From the Manage Users page you can see this information for each user account:

• User Name — The name the user types to log in.
• Full Name — The first and last name of the user.
• Email – The email address for the authorized user of the account.
• Permissions — Click the icon in the Permissions column to manage user account permissions. For more information, see Manage User Account Permissions in the WatchGuard Portal.
• Status — The user account status. It must be one of these values:
• Pending — The user has not yet set up a user account.
• Expired — The invitation for the user to set up a user account has expired.
• Active — The user has successfully set up a user account.
• Inactive — The user account was deactivated by an account administrator. A user with an inactive account cannot log in to the WatchGuard Portal or to any applications that use the WatchGuard Portal account for authentication.

You can filter the user account list by any of the columns, use the Search feature to filter the list, and change how many users appear on each page of the list.

• To sort the list by a specific column, click the header for that column.
• To filter the list, in the Search text box, type some of the characters from any column.
• To change the number of users that appear on each page, from the Per Page drop-down list, select the number of users to display.

See Your User Management Permissions

The User Management role assigned to your WatchGuard user account determines your permissions to manage users in the WatchGuard Portal.

To see the User Management role assigned to your user account:

1. On the Manage Users page, find your own user account.
2. In the user row, click , and select Edit permissions.
   The Manage User Permissions page for your account appears.
3. In the Access Management settings, look at the User Management role.
   • If your User Management role is Admin, you can edit, add, and set permissions for any other user account in your WatchGuard Portal account.
   • If your User Management role is Observer, you can see information about user accounts in your WatchGuard Portal account, but you cannot edit, create user accounts.

On the Manage User Permissions page, you can also see other types of permissions. For more information about user account permissions, see Manage User Account Permissions in the WatchGuard Portal.

Edit User Account Information and Permissions

The information that you can edit for any user account includes:

• First Name and Last Name — The full name of the user.
• Phone number — The phone number for the authorized user of the account.
• Status — The status of the user account (editable only if the user account is Active or Inactive). You cannot edit the status of your own account.

For your own user account, you can also edit these settings:

• Multi-Factor Authentication (MFA) — Enable or disable multi-factor authentication for your own user account. For more information, see Enable MFA for Your WatchGuard User Account.

  WatchGuard Customer Care is the administrator of AuthPoint MFA for WatchGuard user accounts and WatchGuard Cloud operators on tier-1 accounts. Contact Customer Care for any administrative actions related to MFA for your WatchGuard Account or WatchGuard Cloud operator.

• Email – The email address for your own user account. For more information, see Change Your WatchGuard User Account Email Address.
• Password — Change the password for your own user account. For more information, see Change Your WatchGuard User Account Password.

To edit user account information:

1. On the Manage Users page, find the user account.
2. In the user row, click , and select Edit details.
   The User Information page appears.

3. Click Edit.
4. Edit the Email, First Name, Last Name, or Phone information.
5. To change the account status to Active or Inactive, click the Status slider.Tip! You cannot edit the status of your own user account, or any account that does not have a status of Active or Inactive.
   
6. To enable or disable MFA for your own account, next to the Multi-Factor Authentication status, click Edit. Tip! You cannot edit the Multi-Factor Authentication settings for another user account.
7. Click Save.

For each user account, you can also select roles that give the user permission to see or manage items in your WatchGuard Portal account and your WatchGuard cloud-based applications.

To edit permissions for a user account:

1. On the Manage Users page, find the user account to edit.
2. In the user row, click , and select View permissions.
   The Manage User Permissions page for the selected user account appears.

3. For each permission setting, select the user role from the drop-down list.
4. Click Save.
   The new permissions take effect the next time the user logs in.

The WatchGuard Cloud permission sets the operator role in WatchGuard Cloud.

For more information about user account permissions, see Manage User Account Permissions in the WatchGuard Portal.

Create a New User Account

To create a new user account, you invite the user to join your account. The user receives an email invitation, which expires after 48 hours. To activate the account, the user must click the link in the email to set the account password before the invitation expires.

To create a new user account in your WatchGuard Portal account:

1. On the Manage Users page, click Invite User.
2. In the User Name text box, type the name this user will use to log in. You cannot edit this later. The User Name can include only these characters:
   • Alphanumeric characters (without accent marks)
   • Other characters: underscore (_), plus (+), minus (-), and dot (.)
3. In the Email text box, type an email address for this user. To complete account setup, the user must be able to receive the invitation email at this address.
4. Specify a First Name, Last Name for the user account.
5. (Optional) specify a Phone number.
6. Click Next.
   The Manage User Permissions page appears.
7. In the Access Management settings, select the user permissions. For more information about user account permissions, see Manage User Account Permissions in the WatchGuard Portal.
8. Click Save.
   An invitation is sent to the user at the email address specified in the user account settings.

If your colleague does not receive an invite, ask them to check their spam folder for an email from ‘[email protected]’.

After you add a new user account, the user account status is Pending. If the user does not log in and set the password in 48 hours, the invitation expires, and the user account status changes to Expired.

After a user logs in and activates their account, the user can optionally enable multi-factor authentication. For more information, see Enable MFA for Your WatchGuard User Account.

Resend a User Account Invitation

Before the user has finished setup of their user account, you can resend the user account invitation.

To resend a user account invitation:

1. On the Manage Users page, find the user with the status Expired.
2. In the Status column, click the Expired status.
   The User Information page appears.
3. To edit user account information, click Edit. Edit the Email, First Name, or Last Name.
4. To resend the invitation to the email address of the user, click Resend.
   The invitation is resent to the user at the email address specified in the user account settings.

The user status changes to Pending. The new invitation expires after 48 hours.

Delete a User Account

You can delete any user account that has not been fully set up. This include users accounts with a status of Pending or Expired.

To delete a pending or expired user account:

1. On the Manage Users page, find the user with the status Pending or Expired.
2. In the user row, click , and select Delete user.
   The Delete User confirmation dialog box appears.
3. Click Delete User.

To delete a user account with the status of Active or Inactive you must contact WatchGuard Customer Care. To start a request with WatchGuard Customer Care to remove a user, click the link at the bottom of the Manage Users page.

See the Audit Log

The audit log shows a list of changes to users in your account over the past 6 months.

For each change, the Audit Log shows:

• Time — The date and time the action occurred, in UTC time.
• Activity Type — The type of action.
• Changed By — The user name of the user who made the change.
• Affected User — The user name of the affected user account.

You can see the audit log for all user accounts, or for a specific user.

To see the audit log for all user accounts:

1. On the Manage Users page, click Account Audit Log.
   By default, the Audit Log shows activities for the last 30 days.

2. To change the time range, select a time range from the drop-down list.
3. To search for a specific change, in the search text box, type the text to search for and click .
4. To see details about a specific account change, click the link in the Activity Type column.

To search the audit log for specific activities, you can add filters. To add filters:

1. At the top of the Audit Log page, click Advanced Filter.
   The Advanced Filter dialog box appears.

2. To search for specific activities, select the check box for each type of account change.
3. To search for changes made by specific users, select Changed By, and then specify one or more user names.
4. To search for changes made to specific user accounts, select Affected User, and then specify one or more user names.
5. To add the selected filters, click Add Filter(s).
   The currently added filters appear at the top of the list.

6. To clear the filters, click Clear All.

From the audit log page, you can download the audit log to a .CSV file. The file includes all account changes for the past six months, and includes the details for each account change.

To download all of the audit log information to a CSV file, on the Audit Log page, click Download All.

See Also

Manage User Account Permissions in the WatchGuard Portal

Change Your WatchGuard User Account Password

Change Your WatchGuard User Account Email Address