Working with Account Settings
Last updated
Last updated
The provides a management interface for various aspects of your ThousandEyes account, such as your user settings and contact information. You can also manage information about your organization, its users, and account groups. To access your account settings, click Account Settings on the lefthand side menu.
The Account Settings screen's submenus are separated into multiple tabs. You might not see all the tabs and their contents, depending on your permissions. For example, users with the Organization Admin role see the Users tab, which displays information about users in each account group within the organization. Users with the Account Admin role also see a Users tab, but are limited to seeing only those users in the account groups they are assigned to.
For information about roles and permissions, see .
The displays information about the user's organization(s), account groups(s) and assigned roles within those account groups. Here, users can modify their own username and email address (used for login to the ThousandEyes platform), change their password, and set their preferred timezone for the web interface.
If you need to update the email address you use for login to the ThousandEyes platform, do the following:
In the Email field, type the new email address.
Click Save Changes.
In both the new and the old email addresses, confirm the change.
Each user's password must be at least 8 characters in length, and must contain at least 3 of the following types of characters:
digits
symbols
uppercase letters
lowercase letters
Clicking on any entry in the table expands it and presents management options for the user's name, email address and account group associations, not unlike what each user sees in their Profile tab:
At the top, the Add New Users button opens a similar dialog, displayed in the figure below. This dialog has one additional feature - multiple users can be created in one step, with identical account group and role associations. To create multiple users in one step, simply add multiple email addresses into the Emails field. You can add multiple emails by either pressing the Enter key after each email address is typed in, or by pasting a comma-separated list of email addresses into the field:
As shown in the previous figure (the expanded user entry figure above), each user can be a member of multiple account groups. In each account group, the user can have more than one role assigned. The permission list granted to the user within each account group is a union of permissions across all roles assigned to the user in that account group. For example, if the user has the Account Admin and Regular User roles, they will have the combined permissions of both roles.
An account group's Enterprise Agents can be displayed in the Enterprise Agents drop-down. Enterprise Agents available to the current account group are displayed with checked boxes. Agents from other account groups can be checked to make them available to this account group or can be unchecked to remove them from the current account group. A checked and greyed out entry indicates an agent for which the current account group is the primary account group (i.e., the agent was created with the current account group's token) and thus cannot be deselected:
As explained above, each user can have access to more than one account group. Those account groups can even span across multiple organizations. Additionally, users with the Organization Admin role (or similar) have access to all account group defined within the organization. This allows the user to view tests, shares, reports and agents assigned to each of the account groups belonging to the organization.
The following figure on the left shows the currently active context of the "QA PROD" account group (1). The figure on the right shows the expanded drop-down listing all account groups available to the user, from multiple organizations (2). Below the ThousandEyes Support Organization (in gray) is the "ThousandEyes Support" (3) account group. Under the ThousandEyes Internal Organization there are 4 other account groups. In this example QA PROD is listed in another organization further up in the menu selection:
The Plan Usage section provides an overview of all aspects of Unit and license consumption:
Units: Shows the current usage (solid green bar), additional projected usage until the end of the current billing cycle (dashed green/white bar) and the remainder of the planned/purchased capacity.
Enterprise Agent Licenses: The number of Enterprise Agents currently used and the number of purchased licenses in the plan.
Endpoint Agent Licenses: The number of Endpoint Agents currently enabled and the number of purchased licenses in the plan.
You can select between showing consumption details of Cloud Agent Units or Enterprise Agent Units. The Enterprise Agent Units option is only visible to organizations on a metered billing model.
Control the breakdown table content by choosing to show your consumption by Account Group, by Test Type or by individual Test.
An organization owner can delete their organization. To delete your organization:
Log in to the ThousandEyes platform.
In the Organization Deletion section, click Delete.
The following sections are visible in this tab:
Plan Details: The details of your contracted ThousandEyes usage plan.
Billing Address: The address to be included on the invoices and the email address to which invoices are sent.
Payment Method: Displays payment information which is sent to a third party provider used by ThousandEyes for credit card processing. This form is a secure element connecting you directly to the third party provider. ThousandEyes never receives the credit card information, but rather obtains an authorization on behalf of the payment processor.
Billing History: Displays billing information generated over previous billing cycles.
Components of the Quotas tab:
Plan: Total units allocated to an organization per month.
Organization Current Usage Rate: Current rate at which an organization is utilizing units in their plan. Shown in terms of % of Plan used and units consumed.
Unallocated Usage: Available units not allocated to any account group.
Account Group: This column contains names of account groups defined in the organization.
Current Usage Rate: Current rate at which an account group is utilizing units. Shown in terms of % of Plan and units consumed.
Quota Switch: Enable/Disable fixed quota of units for an account group.
Slider to configure a value for Usage Selector field
Usage Selector: Amount of units allocated to an account group.
Two options are available to configure Usage Selector value as below:
Units: Maximum number of units an account group can use per month.
% of Plan: Maximum proportion of organization's total units an account group can use per month.
Once you have finished configuring quotas, click Save Changes for the changes to take effect.
Use case #1: I don't want a single account group consuming all my units unexpectedly.
Configure quota settings for all your account groups. This way none of your account groups will be able to consume all available units, preventing (unintended) increased unit usage in one account group from adversely affecting your other account groups.
Use case #2: My users are located all over the world. I want to allocate units to users based on regions.
Create one account group per region. Then configure unit quotas for each region.
Use case #3: I want to keep my operations team uncapped while limiting units for all other account groups.
If you have enabled quotas for all your account groups, you can always disable unit quota allocation for a particular account group while leaving other account groups capped.
Use case #4: I don't know how many units my new account groups will consume, but I don't want them to consume all available units.
Quotas allocated to your account groups can add up to more than 100% of available units. Configure your new account group(s) with quota allocations below 100% for each individual account group. This enables an early warning about individual account group consuming more units than expected while not immediately affecting your other account groups.
Use case #5: I've set up account group quotas, the setup is working as expected. How can I make sure my quotas configuration is unchanged?
Every ThousandEyes user in your account with the Can assign and edit quota permission will be able to adjust quotas. You will need to remove this permission (only available to Organization Admins by default) from all users unauthorized to perform quota allocation changes. You will need to communicate your requirement to other ThousandEyes administrators in your organization. If unexpected changes do happen, you can always inspect the Activity Log for further details.
Security & Authentication, SSO setup and Organization Default Time Zone Settings are found under Account Settings > Organization Settings:
The Security & Authentication tab provides configuration of the following aspects of your ThousandEyes account:
Password Expiration - Policy configuration for users who are allowed to use interactive login.
Organizations can optionally enforce a password expiry period within their organization. Users with the Edit security & authentication settings permission can define a password expiration rule forcing password expiry every 3, 10, 30, 60 or 120 days. You must first check the box to Enable password expiration, then set the expiration period. For organizations using SSO, this applies to ThousandEyes passwords, not to passwords managed by your SSO provider.
The Password recycle count allows users to set the number of passwords a user must use before a previously used password can be reused. The count options go up to ten. If you select Default, that means users cannot reuse the current password for the new password.
The Advanced Settings tab provides the ability to change the Organization Default Time Zone settings.
Organization Default Time Zones can be set for two feature groups. Each dropdown groups timezone settings by European, North America, Asia Pacific as well as Global. In the Global grouping, you have the option to set Coordinated Universal Time (UTC)
Web UI Timezone - In addition to being able to set to UTC, the option to set the timezone to the User’s System’s time is available here.
Notification & Snapshots Timezone can also be set independently.
The following resources contain further information related to ThousandEyes account management:
If the user is a member of more than one account group (in one or in multiple organizations), they can select their Login Account Group. This determines into which account group the user is placed upon login. Once logged in, users can switch between account groups with the Current Account Group selector in the User menu, as described in .
For users with enabled (i.e., users with the API Access permission), the User API Tokens section is visible, containing the API authentication tokens:
Two types of API authentication token are available: a token for and a token for . The primary purpose of the latter is providing an authentication mechanism for the .
A user with the View roles permission will be able to see the containing a table of all security Roles defined within the organization (1) and permissions associated with each Role (2):
The extensive list of permissions can be narrowed down by using the search bar (3). New roles can be defined by either clicking the Add New Role button (4) or by cloning one of the existing roles by clicking the icon under its name.
See the article for detailed information about ThousandEyes permission system.
The is visible for users having the View all users permission. As the name suggests, this section allows general user management:
For an extensive description of the ThousandEyes role-based permission system, see .
For users with the View all account groups permission, the will be visible. This tab displays all defined in the organization, along with the number of users and present in each account group. Users with the Edit all account groups permission can add, manage and delete account groups:
Expanding a row in the Account Groups table displays the account group's details and allows changes to the account group's name. The is also displayed for users to copy when installing Enterprise Agents.
See for further information about account groups and why having multiple account groups might be useful for you.
To change the current account group context, click on the icon in the upper right corner of the ThousandEyes platform and expand the Current Account Group drop-down menu. This will allow you to switch into another account group context.
The shows settings for Plan Usage and Cloud Agent Units. This tab is only accessible by organization administrators - relevant permissions are View billing, View organization usage, and View security & authentication settings:
For your convenience, there is a link available. This link leads you to the Unit Calculator, a tool that helps you estimate your future usage.
To fully understand ThousandEyes unit consumption, see .
If you have any questions regarding your usage numbers, contact your ThousandEyes account manager or the Customer Engineering team via .
Navigate to .
The shows current billing information for your organization. This tab is only accessible by users with the View billing permission:
If you have any questions regarding your plan details, contact your ThousandEyes account manager or the Customer Engineering team via .
An account group can be limited to a fixed quota of units from here. A user with the Can assign and edit quota permission will be able to see the :
Organization Quota: Total units a customer may use per billing cycle. For most customers, the default value is their monthly plan amount, which they cannot change (toggle and value field are disabled). For customers who have overages enabled, the toggle off setting means their usage is uncapped. Should they wish to set a specific amount of usage, they can toggle the setting on and set the value to their desired amount. See for more information about overages.
When the user has at least one of the View own activity log, View activity log for all users in account group, or View user activity in all account groups permissions, the is available showing events that have happened in your ThousandEyes account and is now visible from Account Settings > Activity Log:
explains all the details of the Activity Log.
SCIM Settings - To complement the SSO, SCIM-based automatic user provisioning is supported. For further information, see .
Single Sign-On (SSO) Settings. For information about how to configure SSO, see .
There is a series of articles available in our documentation describing -based Single Sign-On (SSO) configuration settings. Start with , which contains further links to identity provider-specific SSO setup guides, or use the search feature at the top of this page to find the SSO setup guide for your identity provider (IdP).
To complement the SSO, SCIM-based automatic user provisioning is supported as well. Consult the article for further information.
explains how the ThousandEyes permission system works.
is a starting point for configuring SSO integration with your SAML-based identity provider.
describes the configuration of SCIM-based automatic user creation.
outlines how tests contribute to your account's overall Unit consumption.
describes how to audit events happening in your ThousandEyes account.
