For engineering and IT organizations that want increased flexibility, security, and efficiency providing observability access to their teams, New Relic’s new user management and access security model is now generally available for existing customers.
Already available for new accounts created after our New Relic One launch in July 2020 and existing customers using automated user management, the new user management and access security features make it easier to add, view, and manage users, quickly apply permissions and security settings, and see all of your data across accounts.
Let’s dive into what’s changed.
Reduce steps to manage users by up to 90%
With the new user model, there’s no more switching between accounts to manage all of your users. Instead of the previous experience of adding users to each individual account, you can manage users across your organization and assign access based on predetermined groups according to team needs.
For example, this configuration upgrade alone eliminates 50% of the steps required to add five users to five accounts. And if you need to add 20 users across 25 accounts, you can with 90% fewer steps than before.
View and manage all users—in one place
It’s now easy to get a single view of all of your users across your organization in the New Relic One user management UI. At a glance, admins can see which users are basic and which are full, as well as which groups they belong to.
The user management UI is part of our new administration UI, which provides access to all key admin functionality in a single experience.
Apply permissions and security settings with an improved security posture
Improving security posture is a top priority for our enterprise and security-conscious customers. Standardizing permissions and access for teams of users required multiple steps across multiple accounts on our legacy user model. In contrast, the new group-based access controls enable you to instantly apply consistent permission settings for your teams across your organization, improving your overall security posture and enabling your admins to configure security settings confidently.
Flexible authentication options
It’s common for global engineering teams and IT organizations to need different authentication methods for different teams. For example, you might decide to use SAML single sign-on (SSO) for employees and a username and password for contractors. Or, you might like to use one identity provider (IDP) in one region and a different IDP in another.
In the new user management model, admins can apply different authentication methods for other groups of users.
Fewer logins required for SAML SSO organizations
With the new model, users on multiple master accounts can use the same SAML SSO configuration.
This capability enables users to avoid switching between master accounts and enables them to collect, explore, and alert on all of their data in one place.
Share the load with more granular roles
With the new user model, more granular roles—including Billing User, Organization Manager, and Authentication Domain Manager—allow groups of users to help remove bottlenecks for managing SAML SSO, billing, and more. Customers can add multiple users to groups with admin or billing permissions to handle different jobs that map to their organization.
In addition, with the new user model, you can have multiple users with different ownership roles to spread the workload and reduce single points of failure.
Access to automated user management
With the new model, customers on the Enterprise tier have the option to dynamically manage users at scale via automated user management (AUM) for Okta, OneLogin, Azure AD, or any IDP that supports the SCIM standard. This reduces the manual administration burden by integrating with your identity and access management provider to import, update, and deactivate New Relic users directly from your identity provider.
How do I get started?
If your account is currently on AUM, or was created after July 30, 2020, your account is already using the new user management and access security model.
The views expressed on this blog are those of the author and do not necessarily reflect the views of New Relic. Any solutions offered by the author are environment-specific and not part of the commercial solutions or support offered by New Relic. Please join us exclusively at the Explorers Hub (discuss.newrelic.com) for questions and support related to this blog post. This blog may contain links to content on third-party sites. By providing such links, New Relic does not adopt, guarantee, approve or endorse the information, views or products available on such sites.