Manage user account: CSR perspective
Arc XP Identity provides to Customer Service Representative (CSR) a comprehensive platform to manage end-user data efficiently. This platform is widely known as the Arc Admin tool. With an intuitive interface and powerful features, CSRs can quickly access, update, and audit user information, ensuring a seamless and responsive customer service experience. By centralizing data management, the system enhances accuracy, reduces response times, and helps deliver personalized support, making it an essential tool for maintaining high-quality customer interactions.
This page will walk you through use cases related to Arc XP Identity using the Arc Admin tool.
User Search
The landing page of the “Subscriptions app” provides CSRs with an easy way for searching and retrieving user account information.
On this page, CSRs can search for user accounts using some parameters. Depending on the selected parameter, our system retrieves matching user accounts in different ways. CSRs can fill in one or multiple fields, and the system will retrieve the results that best match all the entered parameters.
| PARAMETER | DESCRIPTION |
|---|---|
| First name | Our system performs a search based on the prefix. For example, if you enter “Jess”, the system will return all these user accounts whose first name is “Jess” or starts with “Jess” i.e. “Jess”, “Jessi”, “Jessica” will be returned. |
| Last name | Our system performs a search based on the prefix. For example, if you enter “Smith”, the system will return all these user accounts whose last name is “Smith” or starts with “Smith” i.e. “Smith”, “Smithson”, “Smitherman” will be returned. |
When searching by email you have two options:
| |
| Phone number | Our system performs a search based on the prefix. For example, if you enter “1234”, the system will return all user accounts whose phone number is “1234” or starts with “1234”. |
| Login ID | Login ID (‘uuid’) corresponds to the unique user identifier of the user account. For this field, we are searching for exact match. |
Once you enter the parameter(s), the system may return one or more results. By clicking on the Name of any row, you can navigate to a page that provides additional user account details.
CSR Audit
Once you navigate to the account details, you’ll land on a page that provides a summary of the account in the sidebar. By default, you will see the Activity tab in the main section of the page. Here, you can view a history of the changes applied to the account.
Sidebar
On the sidebar, you will find various user account details, including:
- First name, last name and second last name. If all this attributes are null, then email. If email is null, then
No value provided. - Date and identity type for last login and account created
- Account Status: This can either be Active or Inactive.
- Primary email
- The Login ID corresponds to a UUID (Unique User Identifier)
Depending on the account status, two additional labels may be displayed in the sidebar:
PENDING DELETION: This label will appear if the account is scheduled for deletion, either due to a manual request or an automated system process.LOGIN LOCKED: This label will appear after several failed login attempts.
These two labels are related and will appear based on the tenant settings. For more details, see User Account Configuration.
Activity Tab
The Activity tab displays a listing of the user’s account history. The activity is shown in descending order, starting from the most recent activities and moving towards the oldest. This page also offers the option to:
- Filter activity cards by type: The options on the filter will appear dynamically depending on the activities for the user account.
- Add notes: The notes feature is particularly useful for CSRs during calls with end users, allowing them to record details about the conversation directly into the account.
Each activity card follows a similar structure:
- A badge indicating the activity type.
- The date and time the action was performed.
- A description of the action.
Depending on the activity, the system may provide additional information on the card. For example, the person who performed the action, the old and new value when some attributes are updated. Some cards also feature an overflow icon, allowing additional actions to be taken.
| ACTIVITY CARD | DETAIL |
|---|---|
| Account Creation |
| Note |
| Link/unlink social identity |
| Email verified |
| Change Account Status: Enable/Disable User Account. Once an account is created, it is set to active status by default. However, if bad behavior is detected, the account may need to be disabled to prevent the user from accessing the system. This action can only be performed by a CSR. |
| Add/Update phone number |
| Change password: This action is performed by the owner account. |
| Change name |
| Change gender |
| Change email |
| Change birthday |
| Add/remove/change address |
| Request account deletion |
| Product Change Scheduled |
CSR Management
The Admin tool includes two tabs related to the user account. These tabs provide a CSR with details about the user account and enable different features and management options for the account.
Account Access
Customer Email
Each user account can have two emails: a primary email and an unverified email. The unverified email will appear in the following scenarios:
- The unverified email will be the primary email if the user account was created using email + password, but this email has not yet been verified.
- There is a primary email (there is a verified email), but it was edited and the new email not yet been verified. On this case, both emails will appear, and the the pending email become the primary email once the pending email is verified.
When a unverified email exists, several options will appear: verify email, request email verification, edit email, send password reset email.
Each time a user account is created using an email and password, a VERIFY_EMAIL event is automatically dispatched. This event contains a nonce, which must be shared with the account owner. Once the nonce is used, the email becomes the primary email for the account.
- Verify email: Although it’s not recommended, as having the account owner verify the email themselves proves they have access to the provided email address, a CSR can sometimes verify the account on behalf of the user through the Admin tool, bypassing any action required from the user.
- Request email verification: If there is a pending email, it must be verified to become the primary email. We offer users the option to request verification themselves, but a CSR can also initiate the process. The CSR can trigger a VERIFY_EMAIL event by clicking on “Request email verification”.
- Edit email: This option updates the current email. If no primary email exists, the new email will replace the unverified email. However, if a primary email is already present, the new email will update the unverified email.
- Send password reset email: We provide the option for users to request a password reset themselves, but a CSR can also initiate the process. When the CSR clicks “Send password reset email,” a PASSWORD_RESET_REQUEST event is dispatched. The information from this event can then be shared with the account owner to complete the password reset process.
If only a primary email exists, “edit email” and “send password reset email” will appear.
Login Method
A user account can have multiple identities attached (See Authentication: Password, Social, OIDC, and one-time access link). In the login methods section, you can find information about the social identities linked to the user account. If more than one identity is attached (password being one type of identity), a “Remove” button will appear for each identity linked. This allows the CSR to unlink an identity from the account.
In the Additional subsection, you will find an item for each social third-party identity set up via OIDC. A “Remove” button will also appear if an identity of this type is linked to the account.
Account Status
This section provides details about the “Account Status”.
- If the user account is in Active status, the Disable account option will be available.
- If the user account is in Inactive status, the Enable account option will be available.
- For accounts without pending deletion requests, the Request deletion option will appear. If Request deletion button is clicked, a pending deletion task is created and the page will show “Account deletion pending” label. The task request should be approved by an administrator, before delete all the customer’s account information. See Pending account deletion request for additional details.
- If an account is locked due to multiple failed login attempts, the Unlock login option will appear.
Session Management
Sometimes, an end user might contact a customer representative if they believe their account security is compromised, particularly if their user session is open on devices they do not have access to. In such cases, a CSR can take action to invalidate all active sessions for the user account. This action will log the user out of all devices and browsers where they are currently logged in.
Customer Information
On this tab, the CSR can update various profile parameters (see What is an Arc XP Identity account), including first name, last name, and second last name, among others.
After the CSR updates any fields in the form, a toolbar will appear with the Save option to save the changes.
Pending Account Deletion Request
An account deletion request can be made by the account owner, a developer, a CSR or it can be created automatically by de system depending on the user account configuration (see User account configuration: manage sessions, automatic account deletion). Once the request is submitted, a pending deletion task is created. CSRs can view all accounts with pending deletion tasks under the “Request” tab. To proceed with deleting all of the customer’s account information, the task must be approved by an administrator.
If the deletion task was created by mistake or if an administrator wants to decline the request, they need to review the task and select “Reject Deletion”
