Create and Manage Organizations

As an Admin, you can:

  • Create new organizations
  • Create tenants (parent groups) to group multiple organizations
  • Search for and switch between organizations
  • Ensure organization communication with AWS

Create a New Organization

To create a new organization:

  1. On the left side of the page, click Account from the expanded menu.
  2. Click Manage Organizations.
195

Manage Organizations option

  1. From the Manage Organizations page, click Create Organization at the top right of the page:
1373

Manage Organizations page

  1. From the Create Organization dialog, enter the Organization Name, Slug, and Email Domain Name. If you have a Tetra Managed or Customer Hosted and Tetra Managed deployment, you can select an existing tenant to add the new organization as part of a parent group containing multiple organizations.

🚧

Slug and Email Domain

  • Once you enter a slug and email domain for the organization, and then save the new organization, you cannot change their values.
  • Use only lowercase characters, numbers, and hyphens for the slug and email domain name.
535

Create new organization

  1. Additionally, you can toggle these password settings based on your particular company's security policies to enforce more rigorous password requirements:
  • Enforce additional password complexity: Set to require that passwords must satisfy a more complex definition where: at least one upper and lower case letter, a number, and a special character is required and the password cannot start nor end with a number.
  • Enforce no password reuse: Set to prevent passwords from matching the current password or any of the previous five passwords from the user's password history.
  • Enable password expiry: Set to have the password expire after a configured number of days, and have it be changed on the first user log in attempt.
  • Enable account lock: Set to lock the user's account after a configured number of failed log in attempts.
  • Enable self-service password reset: Set to enable users to reset their own password if they have forgotten it.
  1. Click Save to create the new organization and add it to the list displayed on the Manage Organizations page.

Create a New Tenant

📘

Note

This feature is only available for Tetra Managed or Customer Hosted and Tetra Managed TDP deployments.

To create a new tenant (parent group):

  1. On the left side of the page, click Account from the expanded menu.
  2. Click Manage Organizations.
  3. From the Manage Organizations page, click Tenant at the top right of the page:
526

Create New Tenant

  1. Enter the Tenant Name, its Subdomain group, and the organizations (children) you want to include in the tenant (parent) group.
  2. To enable users to log in using Single Sign-On (SSO), slide the toggle to Enable to display these additional fields:
528

With SSO Enabled

  • SSO Domain: Enter the identifying Cognito domain prefix previously entered in the App Integration section of AWS Cognito, for example: https://acme-demo.auth.us-east-2.amazoncognito.com
  • SSO Redirect URL: Enter the sign in and sign out URL previously entered in AWS Cognito, for example: https://tetrascience-dev.com/acme-demo/login/sso
  • SSO Client ID: Enter the client ID from the App Integration section of AWS Cognito.
  • SSO Client Secret: Enter the client secret from the App Integration section of AWS Cognito.
  • SSO Provider Name: Enter the provider name from AWS Cognitor, for example: SAML
  • SSO Disclaimer: Enter text that will display on the Tetra Data Platform log in dialog alerting users that SSO has been enabled for your organization.
  1. Click Save to create the new tenant (with its child organizations) and add it to the list displayed on the Manage Organizations page.

After you create a tenant, you can edit it by selecting the Edit button on the right side of the Manage Organizations page. You can change the tenant's name, add or remove organizations, and enable SSO.

Search For and Switch Between Organizations

  • You can search for and quickly locate an existing organization by typing the organization name in the Search box at the top of the Manage Organizations page.
  • You can switch between organizations. From the Manage Organizations page, you can change which organization is designated as the active organization. Click Switch next to the organization you want to change to active. The selected organization becomes active (indicated by a gray Current label and by the current organization name label displayed at the bottom of the page) while the previous organization becomes inactive.

Organization Communication with AWS

Based on your specific AWS or network set up, creating a new organization may not be successful due to proxy or firewall restrictions. As a result, you may see various issues when uploading files, such as: KMS errors, missing Data Hub policy, and so on. If errors do exist, then to ensure that each organization you create is able to communicate with AWS through the API, you must click the AWS button next to the organization name listed on the Manage Organizations page. After you click the AWS button, a Success! message should display indicating communication has been established. Click Dismiss to remove the message.