Modular user management

Configure users, roles and permissions

You and your team want secure and sustainable access to your IoT solution, with full insight and control. To achieve this, assigning the right roles and permissions is essential.

To achieve this, assinging the right roles and permissions is done in GRIP. This Identity and Access Management platform is developed by KPN, specifically designed for Business Users. It enables organizations to securely and efficiently manage access to their applications and services.

To assign roles, you must be an admin of the account. As an administrator, you can add or remove users and configuratie roles and permissions for your services.

Before you start

To manage users and roles, you need admin rights

  • Already an admin? Great! Let’s get started!

  • Not an admin yet? Ask your organization’s administrator to grant you admin rights Not sure who that is? Contact us and we’ll help you out

Access the User Management section

You can access GRIP in three ways.

  1. Via KPN Things Portal

  2. Via MijnKPN Zakelijk

  3. Via direct link

Via KPN Things Portal

1

  1. Go to portal.kpnthings.com/manager or go to KPN Things Portal and click on Things Manager

  2. Click on your Company in the menu

  3. Click on User Profiles under Account

2

Click on the Manage Users link shown above the users overview.

3

For documentation about how to manage users click here

Via MijnKPN Zakelijk

1

Go to https://mijnkpnzakelijk.kpn.com

2

Log in and select Company Details in the menu and click on User Management

3

For documentation about how to manage users click here

Via direct link

1

Go to grip-on-it.com

2

Log in and select Users

3

For documentation about how to manage users click here

Managing Users in GRIP

The information below explains how to manage users, including adding and removing users, and managing roles and permissions.

Once you have accessed the User Management section in GRIP, you can perform several actions to control access within your organization.

What functionalities do you have

Review existing users, add and delete users View the list of all users in your organization, including their roles and assigned services. Invite new team members by creating users accounts or deleting users who no longer need access to your services.

Edit or give permissions to an added or existing user Modify user information, roles and permissions to ensure they have the correct level of access to your services.

Why this matters Managing users and permissions in GRIP ensures that only authorized individuals can access your applications and IoT services. This helps maintain security and compliance across your organization.

Review existing users, add and delete users

In the User Management table, you can see all current users along with their assigned roles and permissions. This overview helps you quickly check who has access to which services.

Add, Remove or Modify Users

  1. To add a new user, click Add User at the top of the page

  2. To modify a user, click the three dots ⋮ and select Edit

  3. To remove a user, click the three dots ⋮ and select Deactivate or Delete

Modify users

To give you the opportunity to reactivate an account without having to create it again, a deleted user will remain visible in the overview for 10 days before it is completely removed.

Edit or give permissions to an added or existing user

For a New User you click on the Add User at the top of the page and provide the general information.

1

Provide the general information

  1. Fill in the general details of the new user

  2. Select the Send email to set password option to send a password email immediately. This can also be done at a later time, for example after you’ve configured all roles and permissions.

  3. Click the Add User button

If the user is a contact person for operational matters, it is advisable to provide a phone number and the correct language setting so that our service desk can reach you when needed.

After adding the user, the next screen opens where you can optionally enter additional information about the user. This information is not required for using your account, but it can be used for your own administration.

  1. Add additional general details (optional)

  2. Add even more information like job title or office location (optional)

  3. Select the preferred language setting

  4. Click the Save Changes button

Assigning Services and Roles

1

Select Services and Roles

  1. Navigate to the Services and Roles tab

  2. If the user should be able to manage other users, enable the Admin role

  3. Click Save Changes

  4. Click + Assign services and roles button to add specific services

Select the appropriate services and roles based on the user’s responsibilities. The example below grants the user full access to the features within the KPN IoT solution.

The admin is responsible for assigning the correct permissions to the user. Please note that someone with admin rights can also grant themselves additional permissions.

Services and Roles explained

The below list shows the available roles for services that are used within the KPN IOT solution and describes what levels of access each of the roles gives to the user in KPN Things portal.

The central identity solution behind every account

Provides the user with an Admin account to access and give assigned services.

Role
Description
Access

Admin

Full user management, including own account.

View and manage services and roles of other users; add, modify or remove users.

The foundation for your IoT applications

The starting point for your IoT service and manage the IoT solution.

We advise that every user has a Things Manager and Things Support role.

Make sure to select only one role per item If you choose multiple roles - such as Thing Manager - Admin and Thing Manager - Read Only - the lowest role will override the highest.

In this example, you would only have Read Only access.

Things Creator

These roles are only needed if you manage your devices, decoders and scripts via KPN Things. If only connectivity features are used, these roles are not required.

Role
Description
Access

Things Creator - Admin

Full access to Things Creator tab.

Add modify or remove devices types, decoders and scripts.

Things Creator - Read Only

Read-only access to Things Creator tab.

View device types, decoders, and scripts.

Things Manager

We recommend granting the user at least KPN Things - Read Only access. This ensures insights into the IoT solution and enables options such as making exports of connectivity items available.

Role
Description
Access

Things Manager - Admin

Full access to Things Manager tab.

Add, modify, or remove devices, flows, destinations and manage connectivity.

Things Manager - Editor

Full access except for deleting to Things Manager tab.

Add, modify, or remove devices, flows, destinations and manage connectivity except the right to delete.

Things Manager - Read Only

Read only access to Things Manager tab.

View devices, flows, destinations and connectivity.

Things Support

We advise that every user has access to this role in order to see important documents and access to links to contact information and ServiceNow be able to log tickets. Assigning this role also subscribes you to service emails.

To be able to log tickets in ServiceNow also the ICT Manager role must be granted in Self Service Portal.

Role
Description
Access

Things Support - User

Access to the Things Support tab.

View news, release notes, documents, service status, reports and contact info and recieve service emails.

Provides access to the Service Portal for reporting incidents and service request

The Self Service Portal allows users to register and track tickets for incidents, information requests, change requests, and complaints. We recommend granting access to all users and ensuring each user profile includes the correct phone number and language setting (found under the Location section in User Settings).

The 'Things Support - User' role must be assigned to access the Self Service Portal via Support tab in the KPN Things Portal.

Role
Description
Access

ICT Manager

Access to Self Service Portal.

Register and track tickets for incidents, information requests, change requests and complaints.

Provides access to te KPN Webshop

Grants the user access to the KPN Webshop. If any of the webshop-related roles are assigned, the Shop tab will automatically become visible and accessible in the KPN Things Portal.

Role
Description
Access

Forecasting

Enables forecasting functionality.

Enables product forecasting for specific calendar periods, allowing KPN to align stock levels with expected demand

Quotation

Enables ordering and requesting quotations.

Enables to order products and request quotations for items that are not currently covered by an existing contract. Additionally, user can view the status and history of their orders.

Read Only

Read only access of products and prices.

View product details and prices, order status and order history.

Voucher Manager

Manage discount vouchers.

Process discount vouchers.

Please note that you must have at least the Quotation role assigned to be able to place orders.

Provide access to MijnKPN Zakelijk functions

This provides the user with access to the MijnKPN Zakelijk service portal. It gives access to the available services.

Role
Description
Access

Facturen (Invoices)

View invoices in PDF format.

Allows user to view all invoices in PDF format that are linked to the same KPN Reference Number (KRN), which is your company’s unique identifier within KPN.

PreviousExplorer user managementNextTailored user management

Last updated

Was this helpful?