Editing Your User Profile
You can edit your user profile directly from Stellar Cyber's main toolbar. Click your account name on the menu bar and then select the Profile option, as illustrated below.
The User Profile window appears, allowing you to manage your profile, see your recent activities, and manage your API keys.
Managing User Settings in the User Profile Window
Use the following sections to understand the options available to customize your profile.
Identity
Although the system appears to let you edit the field, a User Name cannot be changed by you or another administrator. You can edit your Display Name, Phone Number, and Email Address.
Language Preference
You can change the language used in the Stellar Cyber UI. This change takes effect immediately when you select Submit.
Password
This option does not appear for deployments configured with Single Sign On (SSO). For deployments with individual logins configured in Stellar Cyber:
- Select your login name at the top of the page.
- Select Profile. The User Profile screen appears.
- Select Change Password. The password fields and requirements are displayed.
  - At least 8 characters
  - At least 1 uppercase letter
  - At least 1 lowercase letter
  - At least 1 number
  - At least 1 special character, such as: @ ! # $ % + / =
- Enter your current password.
- Enter your new password.
- Reenter your new password.
- Select Submit. Your password is immediately changed.
You can now log out of Stellar Cyber and log in with your new password.
You can customize the Stellar Cyber UI in several ways.
Use a Query as a Preset Filter (Deprecated)
Enable this to automatically filter all results with the query you create. Select the check box to see the query creation tool.
User Scope & Privilege
You can change your scope and privilege. You cannot grant yourself a higher scope or privilege; an admin must do that from the User Management page.
Two-Factor Authentication
Enable this to use two-factor authentication (2FA) the next time you log in. You can also use this section to reset the status of your 2FA, which allows you to configure a different Authenticator application.
- The overall Global Settings for 2FA affect authentication for partners and tenant users. For example, if 2FA is Mandatory, all users must use 2FA.
- Enabling 2FA here is independent of what you have configured on your SSO service. Enabling it here causes a separate 2FA prompt to be displayed upon logging in to Stellar Cyber.
- The 2FA page from Stellar Cyber refers to use of Google Authenticator, but other authenticator applications also work.
Recent Activities
To see your recent activities, click the Recent Activities tab at the top of the screen. A searchable, sortable list of recent activities appears. You can use the Export CSV button if you would like to import the log of recent activities into a spreadsheet application.
To see the JSON data corresponding to user activities, click the JSON Data button in the Data column for the corresponding activity. Note that logging out does not generate JSON data.
Managing API Keys in the 5.4.1 Release
This section describes a feature that is only available as part of an Early Access Program in the 5.4.1 release and may not appear in your version of the Stellar Cyber Platform. Contact your account manager to inquire about taking part in an Early Access Program.
The API Keys tab lets you create and revoke your personal keys used to access the Stellar Cyber API. The keys listed here are specific to your account and are limited by your user scope (tenancy) and RBAC privileges:
- You can only make calls to the public API endpoints available to your RBAC privileges.
- You can only access API data available to your account's user scope and tenancy. For example:
  - A partner user can access data for any of its associated tenants.
  - A tenant user can only access data for its own tenancy.
  - A root user can access data from the entire platform.
- You use the API keys listed here to generate a JSON Web Token for access to the API.
Administrative users can also revoke keys for users with lower privileges than their own, using the Edit User tool in the System | Users page. They cannot, however, create a key for another user.
About API Keys in the 5.4.1 Release
Previous releases only granted public API access to users with Root scope and Super Admin privileges. The 5.4.1 release also introduces, as an Early Access Program feature, per-user API keys that are scoped to a user's RBAC privileges and tenancy. If this feature is enabled in your deployment, you will see an API Keys tab in the User Profile dialog box, as illustrated below:
The Early Access Program implementation of API keys has the following benefits:
- Respects the industry-standard principle of least privilege, only granting an API key the tools that it needs to perform the job you want it to do.
- Allows easy breach isolation, with API keys tied to specific users.
- Enables immediate key revocation to contain exposures quickly and limit the dwell time of any unauthorized access.
Stellar Cyber recommends that you consider creating service accounts scoped with only the RBAC privileges necessary to perform specific tasks. This way you can grant personnel just the access they need to perform specific API tasks.
Creating an API Key in the User Profile Window
Use the following procedure to create an API key in the User Profile window:
- Click on the API Keys tab in the User Profile window.
- Click the Create API Key button to generate a new key for your account.
- Supply a name for your key in the window that appears and click Create. Choose a name that is short and memorable so you can easily identify the purpose of the key in Stellar Cyber displays.
- Use the Copy button to copy your API key now and store it somewhere safe. For security reasons, you will not be able to retrieve the key from within Stellar Cyber later on.
  If you do lose or forget your key, you can always revoke it and generate a new one. However, you'll also need to update any scripts that use the old key so that they'll continue to work with the new one.
- Click Close once you have copied the key.
The new key appears in the list with its name, status, and the last time it was accessed. In addition, a Revoke button appears in the Action column, allowing you to revoke a specific key on demand.
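One way for a script to consume the key copied in the procedure above, as an added example that is not Stellar Cyber code: the key lives in a single owner-only file, so replacing a revoked key means updating one file rather than every script. The environment variable name `STELLAR_API_KEY_FILE` and the placeholder key value are assumptions made for this example.

```python
import os
import stat
import tempfile

# Hypothetical variable name chosen for this example; not a Stellar Cyber setting.
KEY_FILE_ENV = "STELLAR_API_KEY_FILE"


def load_api_key(path=None):
    """Return the API key stored in a private file, or raise if the file is unsafe."""
    path = path or os.environ.get(KEY_FILE_ENV)
    if not path:
        raise RuntimeError(f"set {KEY_FILE_ENV} to the key file path")
    # O_NOFOLLOW refuses a symlink that could redirect the read elsewhere.
    fd = os.open(path, os.O_RDONLY | os.O_NOFOLLOW)
    with os.fdopen(fd, "r", encoding="utf-8") as handle:
        info = os.fstat(handle.fileno())
        if not stat.S_ISREG(info.st_mode):
            raise PermissionError(f"{path} is not a regular file")
        if info.st_uid != os.getuid():
            raise PermissionError(f"{path} is not owned by the current user")
        if info.st_mode & (stat.S_IRWXG | stat.S_IRWXO):
            raise PermissionError(f"{path} is open to group or others; chmod 600")
        key = handle.read().strip()
    if not key:
        raise ValueError(f"{path} is empty")
    return key


def demo():
    """Constructed demo: a private key file loads, a world-readable one is rejected."""
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "api.key")
        with open(path, "w", encoding="utf-8") as handle:
            handle.write("EXAMPLE-KEY-NOT-REAL\n")  # constructed placeholder value
        os.chmod(path, 0o600)
        loaded = load_api_key(path)
        os.chmod(path, 0o644)  # simulate a key file left readable by other users
        try:
            load_api_key(path)
            rejected = False
        except PermissionError:
            rejected = True
        return loaded, rejected


if __name__ == "__main__":
    print(demo())
```

The loader targets POSIX systems, where file ownership and mode bits are available.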
Revoking an API Key in the User Profile Window
You can revoke your API keys in the User Profile window's API Keys tab:
- Revoke an individual key by locating the key you want to revoke in the list and clicking its Revoke button in the Action column.
- Revoke all of your API keys by clicking the Revoke all API Keys button at the top of the API Keys tab. Then, click Revoke all in the confirmation prompt that appears.
Revoked Keys Continue to Appear
Revoked keys continue to appear in the list of API Keys with a Status of Revoked for a few days after they have been revoked. This can be helpful when you need to remind yourself of which API keys you've revoked so you can update any scripts using the keys. Keep in mind, however, that once a key has been revoked, it cannot be reverted to Active.
API Keys and the Activity Log
Stellar Cyber records an entry in the Activity Log each time an API key is created or revoked.