1 of 5

User Management

The User Management configuration screen allows for viewing and managing users, clients, and accounts.

User Management Configuration Screen

Users are the individuals who have access to the Clarity LIMS interface. Because each step in Clarity LIMS is associated with a user, you can make use of user profiles to track the work moving through your lab. While users are associated with the steps they perform as part of a project, they are not directly associated with that project—unless they are assigned as the project client.
Clients are directly associated with projects in Clarity LIMS. When you create a project, you must associate it with a client. Clients differ from users in that they are not able to log in and access the Clarity LIMS web interface. They are typically external collaborators or customers who submit samples to the lab.
Accounts must be directly associated with projects, users, and clients that are created in Clarity LIMS.
NOTE: Viewing user/client/account details, and adding, modifying, and deleting users/clients/accounts are role-based permissions. For more information, see .

Add and Manage Users and Clients

This section describes how to add and manage users and clients in Clarity LIMS.

When creating users, keep the following in mind:

The username must be unique among active users in the system. This is validated when you save the user details.
If the username is already associated with an existing user, an error message displays and you are not be able to save the new user profile.
All users must provide their email address and reset their password upon upgrading their software to v5.4 (or later).

Add a User

From User Management, select the Users tab.
Select inside the Role field to display a drop-down list of roles:
- Select the role to assign to this user.

Modify User Details

From User Management, select the Users tab.
Select the user to modify.
In the User Details area, modify the details as required. If you change the username, a password reset email is sent automatically to the user.

Delete a User

From User Management, select the Users tab.
Select the user to delete.
In the User Details area, select Delete.

When deleting users, keep the following in mind:

You cannot delete a user if that user has logged in to Clarity LIMS.
You cannot delete a user if that user is associated with a project (eg, the user is the project client).
Deleting a user removes them from Clarity LIMS. You may instead prefer to archive the user or temporarily remove their access to the system. For details, see .

Add and Modify Clients

When adding new clients, each client must be a unique entry in the LIMS.

To add a client:

From User Management, select the Clients tab.
Select New Client.
In the Client Details area, complete the following required information:

Delete a Clients

A client cannot be deleted if that client is associated with a project.

From User Management, select the Clients tab.
Select the client to delete.
In the Client Details area, select Delete.

Add and Manage Accounts

Accounts are the organizations with which a facility conducts business. In the Clarity LIMS Projects and Samples screen, select the existing account from the Account drop-down list to associate projects and samples with it.

To create a new account, type directly into the Account field.

For Clarity LIMS v6.2 and later, you can also create a new account through the Accounts section of the User Management tab that is under Configuration.

Add a New Account

From Configuration, select the User Management tab.
Select the Accounts tab.
In the Account Details area, select New Account.

Modify Account Details

From Configuration, select the User Management tab.
Select the Accounts tab.
In the Accounts list, select the account that you want to modify.

Delete an Account

From Configuration, select the User Management tab.
Select the Accounts tab.
In the Accounts list, select the account that you want to delete.

Manage User Access

This section describes two tasks that Clarity LIMS administrators are often required to perform:

Temporarily prevent a user from logging in by archiving the user.
Email a link to a user that allows them to reset their Clarity LIMS password.

While Clarity LIMS does not enforce password changes, for best practice and security, we recommend that user passwords are changed frequently.

Archive a User

On the main menu, select Configuration.
Select User Management.
Select the Users tab to see a list of all current active and archived users in the system, categorized by role.

By default, every new user created in Clarity LIMS is an active user and can sign in to Clarity LIMS with their username and password.

Reset a User Password

On the main menu, select Configuration.
Select User Management.
Select the Users tab to see a list of all current active and archived users in the system.

The Send login instructions option sends the user the following information:

The URL for the login screen.
Instructions on how to set their login password.
This email is sent automatically when a new user is created, but you may occasionally need to resend it.

User Roles

Clarity LIMS users are assigned roles. These roles control permissions and the ability to:

Access certain Clarity LIMS features.
Perform certain actions.
Sign in to the Clarity LIMS interfaces.

Configured Role-Based Permissions

Manage the permissions of the System Administrator, Facility Administrator, Researcher, and Collaborator user roles to restrict or allow the following actions:

Sign in to Clarity LIMS.
Sign in to the API.
View and interact with certain features of the interface.
Perform certain actions in the interface.
View and restrict any actions in the interface. [Clarity LIMS v6.1 and above]

Command-line Permissions Tool

Role-based permissions are controlled through the permissions-tool.jar tool, at /opt/gls/clarity/tools/permissions/.

For assistance with running the command-line permissions tool, contact the Illumina Support team.

Functionality includes the following commands:

—List all roles in the system.
—List names and descriptions of all permissions in the system.
—Create a role.

NOTE: The permissions-tool.jar tool function names and property names are case-sensitive. If you type the incorrect case, your command or property cannot be understood.

There can be a delay (up to 20 minutes) before changes to some API-related permissions take effect.

Supported Commands

listRoles

List all user roles in the system:

describeRole

Show permissions for a specific role:

createRole

Create a role:

showSummary

Show assigned permissions for all roles:

listPermissions

List names and descriptions of all permissions:

assignPermission

Assign a permission to a role (the example assigns permission to create controls):

[Clarity LIMS v6.1 and above] Assign a permission to a role (the example assigns read-only permission to a role):

Refer to .

removePermission

Remove a permission from a role (the example removes permission to create controls):

Refer to .

Usage

Options

Supported Permissions

The sections below list LIMS permissions and actions, and the user roles to which each permission/action is assigned by default.

By default, System Administrators and Facility Administrators have all permissions listed.

Permission: AdministerLabLink

The default role with AdministerLabLink permission is Administrator. This permission is added to the existing System Administrator & Facility Administrator roles.

The Collaborator role is based on the existing Collaborator role in LabLink v1.0.

Note: The existing Researcher role does not have the new permission and behaves similarly to the LabLink Collaborator role.

Permission: ClarityLogin

Default roles with this permission: Administrator, Researcher

Allows:

Result of denied permission

Permission: APILogin

Allows:

Result of denied permission

Permission: Project

Action:

Allows:

Result of denied permission

Permission: Sample

Action:

Allows:

Result of denied permission

The Sample:update permission is automatically granted to roles that have the Sample:create permission at the time of migration to Clarity LIMS v5.x. If you have removed create permissions from any default role, the role does not acquire the update permission.

Permission: Controls

Default roles with these permissions: Administrator

Action:

Allows:

Result of denied permission

Users with ClarityLogin permission can access the Consumables > Controls tab and view control sample details (read only).

Permission: ReagentKit

Default roles with these permissions: Administrator

Action:

Allows:

Result of denied permission

Users with ClarityLogin permission can access the Consumables > Reagents tab. They can also view, edit, and delete reagent lots, and add lots to existing kits. No additional ReagentKit permissions are required.

Permission: Role

Default roles with these permissions: Administrator

Action:

Allows:

Result of denied permission

APILogin permission is required for role management. All users with ClarityLogin permissions can view and edit their own user details (except for assigning/removing roles).

Permission: Read-Only [Clarity LIMS v6.1 and above]

Default roles with this permission: Not applicable. You can assign this permission to any role.

At least one System Administrator must be available to reconfigure user roles. Therefore, we recommend that you do not assign the Read-Only permission to the default Administrator and API users.

Action:

Allows:

Permission: User

Default roles with these permissions: Administrator

Action:

Allows:

Result of denied permission

In the LIMS user interface, the term 'contact' has been replaced with 'client.' However, the API still uses the permission Contact.

All users with ClarityLogin permission can view and edit their own user details (except for assigning/removing roles).

Permission: Contact

Default roles with these permissions: Administrator

Action:

Allows:

Result of denied permission

In the LIMS user interface, the term 'contact' has been replaced with 'client.' However, the API still uses the permission Contact.

Users with ClarityLogin permission can view and edit their own client and user details.

Clients can edit their own details (except for assigning/removing roles) without having update permission.

Permission: Process

Default roles with these permissions: Administrator

Action:

Allows:

Result of denied permission

In the LIMS user interface, the term 'process' has been replaced with 'master step.' However, the API still uses the permission Process.

Permission: OverviewDashboard

Default roles with this permission: Administrator

Action:

Allows:

Result of denied permission

Permission: Configuration

Default roles with this permission: Administrator

Action:

Allows:

Result of denied permission

Permission: ReQueueSample

Default roles with this permission: Administrator, Researcher, Collaborator

Allows:

Result of denied permission

Permission: SampleWorkflowAssignment

Default roles with this permission: Administrator, Researcher, Collaborator

Allows:

Result of denied permission

Permission: RemoveSampleFromWorkflow

Default roles with this permission: Administrator

Allows:

Result of denied permission

Permission: MoveToNextStep

Default roles with this permission: Administrator

Allows:

Result of denied permission

Permission: SampleRework

Default roles with this permission: Administrator

Allows:

Result - permission granted

Permission: ReviewEscalatedSamples

Default roles with this permission: Administrator

Allows:

Result - permission granted

Permission: ESignatureSigning

Default roles with this permission: Administrator

Allows:

Result of denied permission

Permission: CanEditCompletedSteps (LIMS v5.1 and Later)

Default roles with this permission: None

Allows:

Result - permission granted

Modifications are limited to what is available on the Record Details screen for the step.

Details such as sample placement or routing cannot be modified.

Only steps completed after upgrading to LIMS v5.1 can be edited. Steps completed in v5.0 or earlier cannot be edited.

Steps that were executed using the Process API cannot be edited.

For details, see .

User and Profile Page

This section describes how to update some of the details associated with your profile, including your password, email address, and profile photo.

After signing into Clarity LIMS, you can update some of the details associated with your profile, including your password, email address, and profile photo.

If the user is an LDAP account, then you cannot update the profile in Clarity LIMS.

Update User Profile

In Clarity LIMS, at the right of the menu bar, select your username and then select Profile.
The Profile page opens, displaying the details associated with your user profile.
On this page, you can:

Reset a forgotten password

On the Sign In screen, click the Forgot your password link.
In the Reset Your Password screen, enter your username or email address and click Submit.

User Management

The User Management configuration screen allows for viewing and managing users, clients, and accounts.

User Management Configuration Screen

Users are the individuals who have access to the Clarity LIMS interface. Because each step in Clarity LIMS is associated with a user, you can make use of user profiles to track the work moving through your lab. While users are associated with the steps they perform as part of a project, they are not directly associated with that project—unless they are assigned as the project client.
Clients are directly associated with projects in Clarity LIMS. When you create a project, you must associate it with a client. Clients differ from users in that they are not able to log in and access the Clarity LIMS web interface. They are typically external collaborators or customers who submit samples to the lab.
Accounts must be directly associated with projects, users, and clients that are created in Clarity LIMS.
NOTE: Viewing user/client/account details, and adding, modifying, and deleting users/clients/accounts are role-based permissions. For more information, see .

Add and Manage Users and Clients

This section describes how to add and manage users and clients in Clarity LIMS.

When creating users, keep the following in mind:

The username must be unique among active users in the system. This is validated when you save the user details.
If the username is already associated with an existing user, an error message displays and you are not be able to save the new user profile.
All users must provide their email address and reset their password upon upgrading their software to v5.4 (or later).

Add a User

From User Management, select the Users tab.
Select inside the Role field to display a drop-down list of roles:
- Select the role to assign to this user.

Modify User Details

From User Management, select the Users tab.
Select the user to modify.
In the User Details area, modify the details as required. If you change the username, a password reset email is sent automatically to the user.

Delete a User

From User Management, select the Users tab.
Select the user to delete.
In the User Details area, select Delete.

When deleting users, keep the following in mind:

You cannot delete a user if that user has logged in to Clarity LIMS.
You cannot delete a user if that user is associated with a project (eg, the user is the project client).
Deleting a user removes them from Clarity LIMS. You may instead prefer to archive the user or temporarily remove their access to the system. For details, see .

Add and Modify Clients

When adding new clients, each client must be a unique entry in the LIMS.

To add a client:

From User Management, select the Clients tab.
Select New Client.
In the Client Details area, complete the following required information:

Delete a Clients

A client cannot be deleted if that client is associated with a project.

From User Management, select the Clients tab.
Select the client to delete.
In the Client Details area, select Delete.

Add and Manage Accounts

To create a new account, type directly into the Account field.

For Clarity LIMS v6.2 and later, you can also create a new account through the Accounts section of the User Management tab that is under Configuration.

Add a New Account

From Configuration, select the User Management tab.
Select the Accounts tab.
In the Account Details area, select New Account.

Modify Account Details

From Configuration, select the User Management tab.
Select the Accounts tab.
In the Accounts list, select the account that you want to modify.

Delete an Account

From Configuration, select the User Management tab.
Select the Accounts tab.
In the Accounts list, select the account that you want to delete.

Configured Role-Based Permissions

Manage the permissions of the System Administrator, Facility Administrator, Researcher, and Collaborator user roles to restrict or allow the following actions:

Sign in to Clarity LIMS.
Sign in to the API.
View and interact with certain features of the interface.
Perform certain actions in the interface.
View and restrict any actions in the interface. [Clarity LIMS v6.1 and above]

Command-line Permissions Tool

Role-based permissions are controlled through the permissions-tool.jar tool, at /opt/gls/clarity/tools/permissions/.

For assistance with running the command-line permissions tool, contact the Illumina Support team.

Functionality includes the following commands:

—List all roles in the system.
—List names and descriptions of all permissions in the system.
—Create a role.

NOTE: The permissions-tool.jar tool function names and property names are case-sensitive. If you type the incorrect case, your command or property cannot be understood.

There can be a delay (up to 20 minutes) before changes to some API-related permissions take effect.

Supported Commands

listRoles

List all user roles in the system:

describeRole

Show permissions for a specific role:

createRole

Create a role:

showSummary

Show assigned permissions for all roles:

listPermissions

List names and descriptions of all permissions:

assignPermission

Assign a permission to a role (the example assigns permission to create controls):

[Clarity LIMS v6.1 and above] Assign a permission to a role (the example assigns read-only permission to a role):

Refer to .

removePermission

Remove a permission from a role (the example removes permission to create controls):

Refer to .

Usage

Options

Supported Permissions

The sections below list LIMS permissions and actions, and the user roles to which each permission/action is assigned by default.

By default, System Administrators and Facility Administrators have all permissions listed.

Permission: AdministerLabLink

The default role with AdministerLabLink permission is Administrator. This permission is added to the existing System Administrator & Facility Administrator roles.

The Collaborator role is based on the existing Collaborator role in LabLink v1.0.

Note: The existing Researcher role does not have the new permission and behaves similarly to the LabLink Collaborator role.

Permission: ClarityLogin

Default roles with this permission: Administrator, Researcher

Allows:

Result of denied permission

Permission: APILogin

Allows:

Result of denied permission

Permission: Project

Action:

Allows:

Result of denied permission

Permission: Sample

Action:

Allows:

Result of denied permission

Permission: Controls

Default roles with these permissions: Administrator

Action:

Allows:

Result of denied permission

Users with ClarityLogin permission can access the Consumables > Controls tab and view control sample details (read only).

Permission: ReagentKit

Default roles with these permissions: Administrator

Action:

Allows:

Result of denied permission

Permission: Role

Default roles with these permissions: Administrator

Action:

Allows:

Result of denied permission

APILogin permission is required for role management. All users with ClarityLogin permissions can view and edit their own user details (except for assigning/removing roles).

Permission: Read-Only [Clarity LIMS v6.1 and above]

Default roles with this permission: Not applicable. You can assign this permission to any role.

At least one System Administrator must be available to reconfigure user roles. Therefore, we recommend that you do not assign the Read-Only permission to the default Administrator and API users.

Action:

Allows:

Permission: User

Default roles with these permissions: Administrator

Action:

Allows:

Result of denied permission

In the LIMS user interface, the term 'contact' has been replaced with 'client.' However, the API still uses the permission Contact.

All users with ClarityLogin permission can view and edit their own user details (except for assigning/removing roles).

Permission: Contact

Default roles with these permissions: Administrator

Action:

Allows:

Result of denied permission

In the LIMS user interface, the term 'contact' has been replaced with 'client.' However, the API still uses the permission Contact.

Users with ClarityLogin permission can view and edit their own client and user details.

Clients can edit their own details (except for assigning/removing roles) without having update permission.

Permission: Process

Default roles with these permissions: Administrator

Action:

Allows:

Result of denied permission

In the LIMS user interface, the term 'process' has been replaced with 'master step.' However, the API still uses the permission Process.

Permission: OverviewDashboard

Default roles with this permission: Administrator

Action:

Allows:

Result of denied permission

Permission: Configuration

Default roles with this permission: Administrator

Action:

Allows:

Result of denied permission

Permission: ReQueueSample

Default roles with this permission: Administrator, Researcher, Collaborator

Allows:

Result of denied permission

Permission: SampleWorkflowAssignment

Default roles with this permission: Administrator, Researcher, Collaborator

Allows:

Result of denied permission

Permission: RemoveSampleFromWorkflow

Default roles with this permission: Administrator

Allows:

Result of denied permission

Permission: MoveToNextStep

Default roles with this permission: Administrator

Allows:

Result of denied permission

Permission: SampleRework

Default roles with this permission: Administrator

Allows:

Result - permission granted

Permission: ReviewEscalatedSamples

Default roles with this permission: Administrator

Allows:

Result - permission granted

Permission: ESignatureSigning

Default roles with this permission: Administrator

Allows:

Result of denied permission

Permission: CanEditCompletedSteps (LIMS v5.1 and Later)

Default roles with this permission: None

Allows:

Result - permission granted

Modifications are limited to what is available on the Record Details screen for the step.

Details such as sample placement or routing cannot be modified.

Only steps completed after upgrading to LIMS v5.1 can be edited. Steps completed in v5.0 or earlier cannot be edited.

Steps that were executed using the Process API cannot be edited.

For details, see .

User Management

hashtagUser Management Configuration Screen

hashtagAdd and Manage Users and Clients

hashtagAdd a User

hashtagModify User Details

hashtagDelete a User

hashtagAdd and Modify Clients

hashtagTo add a client:

hashtagDelete a Clients

hashtagAdd and Manage Accounts

hashtagAdd a New Account

hashtagModify Account Details

hashtagDelete an Account

Manage User Access

hashtagArchive a User

hashtagReset a User Password

User Roles

Configured Role-Based Permissions

hashtagCommand-line Permissions Tool

hashtagSupported Commands

hashtaglistRoles

hashtagdescribeRole

hashtagcreateRole

hashtagshowSummary

hashtaglistPermissions

hashtagassignPermission

hashtagremovePermission

hashtagUsage

hashtagOptions

hashtagSupported Permissions

hashtagPermission: AdministerLabLink

hashtagPermission: ClarityLogin

hashtagPermission: APILogin

hashtagPermission: Project

hashtagPermission: Sample

hashtagPermission: Controls

hashtagPermission: ReagentKit

hashtagPermission: Role

hashtagPermission: Read-Only [Clarity LIMS v6.1 and above]

hashtagPermission: User

hashtagPermission: Contact

hashtagPermission: Process

hashtagPermission: OverviewDashboard

hashtagPermission: Configuration

hashtagPermission: ReQueueSample

hashtagPermission: SampleWorkflowAssignment

hashtagPermission: RemoveSampleFromWorkflow

hashtagPermission: MoveToNextStep

hashtagPermission: SampleRework

hashtagPermission: ReviewEscalatedSamples

hashtagPermission: ESignatureSigning

hashtagPermission: CanEditCompletedSteps (LIMS v5.1 and Later)

User and Profile Page

hashtagUpdate User Profile

hashtagReset a forgotten password

Manage User Access

hashtagArchive a User

hashtagReset a User Password

User Management

hashtagUser Management Configuration Screen

hashtagAdd and Manage Users and Clients

hashtagAdd a User

hashtagModify User Details

hashtagDelete a User

hashtagAdd and Modify Clients

hashtagTo add a client:

hashtagDelete a Clients

hashtagAdd and Manage Accounts

hashtagAdd a New Account

hashtagModify Account Details

hashtagDelete an Account

User and Profile Page

hashtagUpdate User Profile

hashtagReset a forgotten password

User Roles

hashtagSystem Administrator and Facility Administrator

hashtagResearcher

hashtagCollaborator

Configured Role-Based Permissions

hashtagCommand-line Permissions Tool

User Management Configuration Screen

Add and Manage Users and Clients

Add a User

Modify User Details

Delete a User

Add and Modify Clients

To add a client:

Delete a Clients

Add and Manage Accounts

Add a New Account

Modify Account Details

Delete an Account

Archive a User

Reset a User Password

Command-line Permissions Tool

Supported Commands

listRoles

describeRole

createRole

showSummary

listPermissions

assignPermission

removePermission

Usage

Options

Supported Permissions

Permission: AdministerLabLink

Permission: ClarityLogin

Permission: APILogin

Permission: Project

Permission: Sample

Permission: Controls

Permission: ReagentKit

Permission: Role

Permission: Read-Only [Clarity LIMS v6.1 and above]

Permission: User

Permission: Contact

Permission: Process

Permission: OverviewDashboard

Permission: Configuration

Permission: ReQueueSample

Permission: SampleWorkflowAssignment

Permission: RemoveSampleFromWorkflow

Permission: MoveToNextStep

Permission: SampleRework

Permission: ReviewEscalatedSamples

Permission: ESignatureSigning

Permission: CanEditCompletedSteps (LIMS v5.1 and Later)

Update User Profile

Reset a forgotten password

Archive a User

Reset a User Password

User Management Configuration Screen

Add and Manage Users and Clients

Add a User

Modify User Details

Delete a User

Add and Modify Clients

To add a client:

Delete a Clients

Add and Manage Accounts

Add a New Account

Modify Account Details

Delete an Account

Update User Profile

Reset a forgotten password

System Administrator and Facility Administrator

Researcher

Collaborator

Command-line Permissions Tool

Supported Commands

listRoles

describeRole

createRole

showSummary

listPermissions

assignPermission

removePermission

Usage

Options