User accounts for StreamNative Cloud

In StreamNative Cloud, users are identified by their email address and authenticated through one of the following: Google login, username and password, or through SSO. Organization administrators can invite users to an organization, and they will receive an email to complete the registration.

​

Authentication Methods

StreamNative Cloud provides three authentication methods (username/password, Google, and SSO), as summarized in the following table.

Note that StreamNative Cloud users have the following conditions and limitations:

• Each user account represents one user and allows management of their access to StreamNative Cloud.
• User accounts are organization-level resources. An organization can have only one identity provider (IdP).
• You can sign in to a user account using the StreamNative Cloud Console or StreamNative CLI.
• Principals (users and service accounts) can be granted ACLs. For details, see Control Access to StreamNative Cloud.
• You can create and manage users using the StreamNative Cloud Console.
• A user account can be a member of one or more organizations. When a user is a member of multiple organizations, their authentication types are the same across all organizations.
• If your email provider supports creating multiple accounts or aliases by adding a plus sign (+) and a tag or word before the @ sign in an email address, each alias that is used to sign up for StreamNative Cloud will be its own separate account. This doesn’t work for organizations enabled SSO login.
• A user account can have multiple authentication methods.

​

Users using username/password

​

Create a user (initial)

If you don’t have a StreamNative Cloud user account, you can create one with a username and password.

To create a user in StreamNative Cloud:

1. Go to the StreamNative Cloud Console.

2. The Create Your Account page appears.

3. To sign up for a new account, type your email and click Continue button.

4. Enter a password and click the Continue button. A verification link will be sent to your email address.

5. Check your email account for a Your account with StreamNative Cloud email.

6. In the email, click “Verify email address”. You will be redirected to an Email Verified page on StreamNative Cloud. Then click “Back to cloud console for login”.

7. The Log in to StreamNative’s cloud console page appears.

8. Type in your email and password to continue. Follow the instruction to complete the sign-up form to create your first organization.

9. You are signed in to StreamNative Cloud and can begin using the StreamNative Cloud Console.

​

Password requirements

Passwords must conform to the following restrictions:

• At least 8 characters
• At least 3 of the following:
  • Lower case letters (a-z)
  • Upper case letters (A-Z)
  • Numbers (0-9)
  • Special characters (e.g. ! @ # $ % ^ & *)

StreamNative Cloud user accounts use Auth0 for authentication. For details about password lengths, see Password Strength in Auth0 Database Connections.

​

Resetting your password

If you forget your password, reset it by doing the following:

• Go to the Cloud Console. Enter your email address into the login prompt as though you were going to sign in, and click Continue.
• On the next screen, you will be prompted to enter your password. Below the password field is a link titled Forgot password?. Click it.
• The next screen, titled Forgot your password?, contains a field to enter your email address to receive instructions on resetting your password. Confirm the email address in the field is correct, and click Continue.
• Check your inbox for an email from StreamNative Cloud titled “Reset your password.” If you do not see it, check your Spam folder.
• Navigate to the link specified in the email, and you will see a page where you can reset your password. Enter in your new password, re-enter it to confirm it, and click Reset password.

​

Signing In with Google

Users can create a user account for StreamNative Cloud using Google as their social identity provider (IdP). This simplifies user registration and sign-in and is a convenient alternative to mandatory account creation.

If your organization starts on StreamNative Cloud using the “Continue with Google” option, you can migrate later to use SAML-based single sign-on (SSO).

​

Use Continue with Google to authenticate

You can sign up for a StreamNative Cloud user account with Google and then you will be able to use Continue with Google on every future visit.

To use Continue with Google:

1. Go to StreamNative Cloud Console.

2. Click Continue with Google.

3. On the Choose an account page, click on your Google account.

4. After you’re authenticated with Google, you will be redirected to StreamNative Cloud console. Follow the instruction to complete the sign-up form to create your first organization.

5. You are signed in to StreamNative Cloud and can begin exploring and using the StreamNative Cloud Console.

After registering your Google account with StreamNative Cloud, you can sign in to StreamNative Cloud by going to the StreamNative Cloud Console and clicking Continue with Google.

​

Single sign-on (SSO) users

User accounts created after enabling single sign-on (SSO) for your organization provide acccess to StreamNative Cloud using an existing SAML-based identity provider (IdP). If you would like to enable SSO for your organization, please reach out to your StreamNative Account Manager.

​

Manage user accounts

As an administrator, you can invite users to your organization and delete the current users. This section describes how to invite, view, and delete users in your organization.

You can perform all these operations using the StreamNative Cloud console. Alternatively, you can do them using StreamNative CLI. Before executing any commands, ensure that snctl is correctly configured for the appropriate organization. For guidance on signing in to an organization with snctl, refer to the section on Sign in to an organization.

​

Invite a user

​

Invite a user using the StreamNative Cloud Console

You can use the StreamNative Cloud Console to invite a user.

The new user is sent a Welcome to StreamNative Cloud message. The new user can click “Get Started” link to sign up or log in to the StreamNative Cloud Console to access the organization that he is invited to.

​

Invite a user using snctl

snctl create user ${user_account_name} --email ${email}

snctl create user john.doe@test.local --email john.doe@test.local

snctl create rolebinding ${rolebinding_name} --role admin --user ${user_account_name}

snctl create rolebinding john.doe@test.local_admin --role admin --user john.doe@test.local

snctl create user ${user_account_name} --email ${email}

snctl create user john.doe@test.local --email john.doe@test.local

snctl create rolebinding ${rolebinding_name} --role admin --user ${user_account_name}

snctl create rolebinding john.doe@test.local_admin --role admin --user john.doe@test.local

apiVersion: cloud.streamnative.io/v1alpha1
kind: User
metadata:
  name: ${user_account_name}
  namespace: ${organization_id}
spec:
  email: ${email}
  name:
    first: ${user_first_name}
    last: ${user_last_name}
  type: external

---
apiVersion: cloud.streamnative.io/v1alpha1
kind: RoleBinding
metadata:
  name: ${rolebinding_name}
  namespace: ${organization_id}
spec:
  roleRef:
    apiGroup: cloud.streamnative.io
    kind: Role
    name: admin
  subjects:
    - apiGroup: cloud.streamnative.io
      kind: User
      name: ${user_account_name}

apiVersion: cloud.streamnative.io/v1alpha1
kind: User
metadata:
  name: john.doe@test.local
  namespace: myorg
spec:
  email: john.doe@test.local
  name:
    first: John
    last: Doe
  type: external

sidebarTitle: User Accounts
---
apiVersion: cloud.streamnative.io/v1alpha1
kind: RoleBinding
metadata:
  name: john.doe@test.local_admin
  namespace: myorg
spec:
  roleRef:
    apiGroup: cloud.streamnative.io
    kind: Role
    name: admin
  subjects:
    - apiGroup: cloud.streamnative.io
      kind: User
      name: john.doe@test.local

snctl apply -f user.yaml

user.cloud.streamnative.io/john.doe@test.local created
rolebinding.cloud.streamnative.io/john.doe@test.local_admin created

​

Delete a user account

​

Delete a user using the StreamNative Cloud Console

To delete a user, follow these steps.

1. In the upper-right corner of StreamNative Console, click your Profile and select Users from the drop-down list.

2. Click the ellipsis at the end of the row of the user that you want to delete, and then click Delete. A dialog box displays.

3. Click Confirm.

​

Delete a user using snctl

snctl delete user ${user_account_name}

snctl delete user john.doe@test.local

snctl delete user ${user_account_name}

snctl delete user john.doe@test.local

snctl delete -f /path/to/config.yaml

​

View user accounts

​

View user accounts using the StreamNative Cloud Console

In the upper-right corner of StreamNative Console, click your Profile and select Users from the drop-down list to view the users for an organization, including the email address and status of the users.

​

View user accounts using snctl

You can view the list of user accounts by running the following command:

snctl get users

If you want to view the details of a specific user ${user_account_name}, you can use:

snctl get users ${user_account_name}

For example, to view the user account john.doe@test.local, you would use:

snctl get users john.doe@test.local -o yaml