03: User Management Changes on Axis

With the integration of AWS Cognito, several important changes have been introduced to simplify user management in Axis.

Main Changes Overview:

• Email as Primary Identifier
  • Previously, users logged in with a separate Username field. This has been removed.
  • Email is now the only identifier used for logging into Axis. 

• Password Management
  • Admin users can no longer manually set or change user passwords.
  • Password fields have been removed from all user management screens.
  • Passwords are now automatically generated and securely managed using AWS Cognito.
  • Users set their own passwords securely by completing the Axis “Forgot Password” flow via email.

• Contact Information Simplification
  • Multiple contact information fields (Home Phone, Cell Phone, Work Phone, SMS, Secondary Email) have been consolidated.
  • A single Phone field now replaces these fields, simplifying the user interface and data storage. The phone field will be used for MFA. 
  • Phone is accepted in the formats +XXXXXXXXXXX or XXX-XXX-XXXX to align with Cognito requirements

• Simplified User Interface
  • Simplified user creation, account management and editing processes.

3.1 User Creation

The process for creating new Axis Users (Organization Level 2, 3, 4) has been updated to align with AWS Cognito integration, simplifying the workflow.

• Username Field Removed:
  • Users now log in using their email addresses only.
• Password Management:
  • Password fields removed from the creation form.
  • Passwords auto-generated using enhanced GUID to meet Cognito requirements.
• Contact Information Simplification:
  • Consolidated into a single Phone field.
  • Accepted formats:
    • International: +XXXXXXXXXX
    • US format: XXX-XXX-XXXX
  • Immediate validation feedback on incorrect phone formats.

• Simplified User Creation Form:
  • Reduced steps, emphasizing essential user details: Email, Name, Organization, and Phone.

Summary of User Creation Workflow:

1. Admin fills in essential user details.
2. Backend generates secure passwords.
3. Account creation synchronized in Axis and Cognito.
4. Welcome email with login credentials sent automatically.
5. No password reset required at first login, but users can change their password anytime through the Axis “Forgot Password” feature.

3.2 My Account Page 

With the integration of AWS Cognito, the My Account page has undergone the following updates:

Summary of Changes:

• Username Removed:
  • The Username field has been removed.
  • Email is now displayed as the primary and sole login identifier.
• Password Management Removed:
  • The Password field and the Change Password button have been completely removed.
  • Users now manage passwords exclusively through the Axis “Forgot Password” workflow, which is powered by AWS Cognito.
• Phone Field Added:
  • A single standardized Phone field has been added (optional).
  • Supported formats:
    • International: +XXXXXXXXXXX
    • US format: XXX-XXX-XXXX
  • Validation and error messages displayed immediately if format is incorrect.
  • User can edit phone number directly via textbox edit 
• Time Zone Field Updated:
  • The Time Zone field is now an editable dropdown menu, allowing users to select a new time zone directly without using a separate “Change” button.
  • The dropdown lists all available time zones in the standard (UTC±HH:MM) Location format.
• Services Section Updated:
  • The Services section layout has been simplified.
  • Role selection options for each service (e.g., None, User, Super User, Limited User) are no longer displayed on the My Account page.
  • Only the current role for each service is now shown (for example, “Super User” or “None”), without the ability to change it directly from this page.
  • This change makes the My Account page read-only for service roles, ensuring role assignments are managed exclusively by administrators in the user management interface.