Internal authentication for system user login

For system users signing in to the HP Insights web console without an external identity provider

Note: This page covers Internal authentication for system users signing in to the HP Insights web console. For an overview of all authentication options, see Configure SSO for system user login. For Internal authentication for print job submission and release, see Authentication Providers.

Overview

Internal authentication is the default provider type for system user login. When Internal is selected, HP Insights manages system user credentials directly — no external identity provider is required.

System users created under Internal authentication are internal users. They sign in to the web console using a username and password set and managed by HP Insights.

There is nothing to configure for Internal authentication. It is active by default. The only tasks are creating system users and inviting them to sign in.

When to use Internal authentication

Internal authentication is most suitable when:

  • Your organisation does not have an external identity provider.
  • The number of system users is very small.
  • You are setting up HP Insights for the first time and want to verify access before configuring SSO.
  • You need a fallback access method while SSO is being configured.

If your organisation has an existing identity provider such as Microsoft Entra ID or Okta, consider using SSO instead. SSO eliminates separate credentials and gives you centralised control over access. See Configure SSO for system user login for the available options.

Step 1: Create a system user

System Users are specialized administrative accounts created to manage customer configurations through the web client. These users have elevated privileges that allow them to perform critical administrative tasks, ensuring the system operates according to organizational requirements.

  1. Log in to the HP Insights web console.
  2. Navigate to Account Settings >  Single Sign-on Configuration and confirm the Provider Type is set to Internal.
  3. Navigate to Users > System Users and click Create.
  4. Enter the following required fields:
    • Name
    • Email Address — this becomes the system user's login username.
    • Role Name
    • Access Group
  5. Click Save. The system user is added to the System Users list.

See the System Users topic for more information.

Step 2: Invite the system user

Newly created system users cannot sign in until they have been invited. The invitation email contains a link to set their password and access the web console.

  1. Navigate to Users > System Users.
  2. Select the user or users to invite by checking the box next to their name.
  3. Click Invite. The Invite System Users dialog shows how many users will be invited.
  4. Click Send. Each selected user receives an email with a link to access HP Insights.

Note: You can invite multiple users in a single operation by selecting multiple names before clicking Invite.

System user login experience

After receiving the invitation email, the system user:

  1. Clicks the link in the invitation email. This opens the HP Insights login page.
  2. Enters their email address. This must match the email address added when the system user was created.
  3. Sets and confirms their password.
  4. Signs in to the HP Insights web console.

On subsequent logins, the system user enters their email address and password directly on the HP Insights login page. They are not redirected to an external identity provider.

Symptom: The system user reports not receiving the invitation email after being invited.

Cause: The email may have been filtered to spam, or the email address entered when creating the user was incorrect.

Resolution: Ask the user to check their spam folder. If the email address was entered incorrectly, update it in Users → System Users and resend the invitation.

Symptom: The system user clicked the invitation link but cannot sign in to the web console.

Cause: The invitation link may have expired, or the Provider Type has been changed from Internal to SSO since the invitation was sent.

Resolution: Resend the invitation from Users → System Users. If the Provider Type has been changed to SSO, the user must be recreated as an external user under the new provider.

Symptom: The system user enters their email address on the login page and is redirected to an external identity provider rather than prompted for their internal password.

Cause: The Provider Type under Account Settings → Single Sign-on Configuration has been changed from Internal to SAML or OpenID Connect. The user's account is still configured as an internal user but the provider no longer matches.

Resolution: If Internal was changed intentionally, the user must be recreated as an external user. If the change was not intentional, restore the Provider Type to Internal under Account Settings → Single Sign-on Configuration.

Related topics