User Management in SOTI Identity

SOTI Identity is a centralized, cloud hosted, authentication and authorization service for user management across all SOTI ONE applications, including SOTI MobiControl.

This section contains the following topics:

SOTI Identity validates user credentials to verify the authenticity of a user to provide secure access to SOTI ONE applications. Once users log into a single SOTI ONE application, they are logged into all associated applications.

Learn more about SOTI Identity at SOTI Identity Help.

Note: As of SOTI MobiControl v15.0.0, all new, cloud installations of SOTI MobiControl are automatically configured to use SOTI Identity for user management.
  • If you have an existing SOTI MobiControl installation and upgrade to v15.0 or later, no changes will be made to your deployment, although you do have the option to migrate your user management to SOTI Identity.
  • If you are a new, on-premises customer, you can choose to connect SOTI MobiControl from SOTI Identity. Contact SOTI Support to start the process.

Offline installations of SOTI MobiControl cannot use SOTI Identity as it requires an internet connection to function.

The following user management tasks are performed in SOTI Identity:

  • Adding Users
  • Deleting Users
  • Creating and assigning user roles
  • Setting access control and password complexity requirements
  • Unlocking accounts

While users and user roles are added and assigned in SOTI Identity, SOTI MobiControl defines the permissions for those roles. Changes to user roles in SOTI Identity are immediately reflected in the SOTI MobiControl console. User activity tracking is also performed within SOTI MobiControl.

You can still create local SOTI MobiControl accounts and manage them alongside SOTI Identity accounts. However, it is not recommended.

SOTI Identity does not migrate existing user groups from upgraded SOTI MobiControl systems. You must recreate them manually in SOTI Identity.

Note: You cannot use SOTI Identity accounts (local, LDAP, or IDP) for device enrollment.