Using User Accounts
User accounts provide the two most important means of protecting the information in your database - user authentication and user permissions. Everyone who logs in to your web site must authenticate their user name and password against the information stored in a user account in your database and security measures such as account lockouts protect user accounts. In addition to authentication information, user accounts store information about the user:
Contact information, name and email address
Information related to how your site is displayed to the user and what is initially displayed after the user logs in, the user's preferences
The role of the user in your process
A unique identity that ties the information stored in your database to the user that entered it
Not all users can have access to all information, nor can all users be allowed to perform any action. You wouldn't, for example, want an applicant to be able to score their own application or be able to access the applications of other applicants, and certainly wouldn't want an applicant to be able to delete or modify those applications. Therefore, every user has a set of permissions that governs what the user can see and do within your site. Since it would be cumbersome to maintain separate permissions for every user, users are categorized by their role in your process - the User Type - and all users of a particular type are governed by the same set of permissions.
The topics in this section explain how to set up your User Types, how to configure user permissions, how to manage your user accounts, and how to configure your site to allow applicants to register and create their own accounts.
Configuring User Types