A user is a digital object representing a person that has any access right to the Tulip system. There are two types of users:

  1. Users- Users with some level of access to Tulip
  2. Operators- Users with access to the Tulip Player for running Tulip apps

The User Model contains the following Models:

When actions are completed in Tulip or Tulip Player, they are always attributed to an individual User.

Tulip Users can authenticate via the following methods:

  • LDAP
  • SAML
  • Email/Password
  • Badge ID (Tulip Player only)

See the Authentication Methods page for more details

Once a user is created, it is permanently stored in the Tulip account. It can be “deactivated” so that the user is no longer allowed to log into Tulip or the Tulip Player.

If a user is “deactivated”, then another user can use their badge ID.


NameThe name defined by the user
User IDThe unique identifier of the user. This value is often mapped to an organization's auth system.
EmailThe email address given by the user. Required for login.
PasswordThe password given by the user. Required for logging into Tulip. This value is often mapped to an organization's auth system.
Badge IDA unique alphanumeric ID assigned by a Tulip user with user “create” privileges.
RoleA specific role from the list of User Roles
User FieldsA list of custom fields that are given to every user by a user with access to the “User Fields” page
StatusThe user’s status around logging into Tulip- either active, deactivated or pending
ImageA custom image that will be displayed as a headshot
Phone NumberA phone number that can be texted from a Tulip app. A user can only enter their own phone number.
LanguageBy default, Tulip will attempt to use the same language as the browser default. The user can manually set this to another language.


QA-T4User Management : 01 - Create new administrator account
QA-T5User Management : 02 - Receive welcome e-mail and registration link
QA-T6User Management : 03 - Password Creation for New Admin
QA-T10User Management : 04 - Log in with new admin
QA-T11User Management : 05 - Cannot Create an Admin with an Email Already In Use
QA-T12User Management : 06 - Add phone number to admin account
QA-T13User Management : 07 - Upload image for Admin icon on /account
QA-T16User Management : 08 - Create new operator account
QA-T120Group-Restricted LDAP : 02 - Users in the configured admin group can log in
QA-T121Group-Restricted LDAP : 03 - Users operator group can log in
QA-T122Group-Restricted LDAP : 04 - Admins should not be able to create Users
QA-T123Group-Restricted LDAP : 05 - Deactivated users should still be able to log in
QA-T171SAML : 02 - Admins can log in to Factory using SAML
QA-T172SAML : 04 - Operators can log into Player using SAML
QA-T177SAML : 08 - Operators whose role changes to Administrator in SAML should be promoted to Administrator in Tulip
QA-T178SAML : 07 - Administrators whose role changes to Operator in SAML should be demoted to Operator in Tulip
QA-T260User Roles : 01 - Account Owners can add other Account Owners
QA-T261User Roles : 03 - Account Owners can edit other users' profiles
QA-T262User Roles : 02 - Account Owners can create users
QA-T263User Roles : 04 - Account Owners should be able to deactivate/reactivate users
QA-T264User Roles : 05 - Administrators should not be able to manage users
QA-T265User Roles : 06 - Tulip Table Supervisors should not be able to manage connectors
QA-T266User Roles : 07 - Tulip Table Supervisors should not be able to manage the shop floor
QA-T267User Roles : 08 - Viewers should be unable to modify data in Tulip
QA-T279User Management : 10 - Users can change their password
QA-T331LDAP Tulip Managed : 01 - Creating Users
QA-T332LDAP Tulip Managed : 02 - Users can log in via LDAP
QA-T333LDAP Tulip Managed : 03 - Deactivated Users can't Log In
QA-T387User Management : 11 - User Deactivation


43All user maintenance activities shall be recorded.
50Disallow deletion of content that have been used in execution of a work order or material processing.
104All tracked information must be accessible and viewable for users in a workflow.
813All data shall be Attributable; data must be identified to the person who did the data collection. Records shall include information about how the data was acquired, action/activity performed, where and and when
842Support specific number of concurrent users as defined by customer license agreements and SLAs