Configuring Accounts

  1. Go to Administration > Account Management.
  2. Add or edit an account:
    • For new accounts:

      1. Click Add.

      2. Select an Account type:

        • For local accounts:

          1. Select Local account.

          2. Type an Account name.

          3. Type an Email address.

        • For single sign-on accounts:

          1. Select SAML account.

          2. Type an SAML user or group name.


          You must configure SAML Single Sign-On to select SAML account as Account type.

          For more information, see SAML Single Sign-On.

    • For existing accounts:

      1. Click the account name.

      2. (Optional) Reset and type a new password, or resend the verification email message.

  3. Select a Role.

    For more information, see User Roles.

  4. Select an Access level.
  5. (Optional) Copy, delete, or generate a new Authentication token.
    • You must generate an authentication token to allow third-party applications to implement the available Trend Micro Vision One APIs. The authentication token only displays when you select APIs only or Trend Micro Vision One console and APIs as Access level. By default, an authentication token expires 1 year after creation but can be deleted and re-generated at any time when there is a concern that the authentication token has been compromised.

    • Each authentication token is associated with a role, which requires the necessary permissions to access specific APIs. For a list of the necessary permissions, see

    • Trend Micro Vision One does not automatically send the authentication token to the user. You must copy the authentication token and send it to the user manually.

    • This action can only be performed by an account with the Master Administrator role.

  6. (Optional) When editing an account, enable or disable the account by clicking the Status toggle.
  7. (Optional) Specify a description for this account.
  8. Click Add or Save.
    • For local accounts:

      • Users must verify their email address and create their password.

        The verification link expires after 24 hours. If the verification link has expired, any account with the Master Administrator role can resend the verification email message.

    • For SAML accounts:

      • Users must provide their credentials to log on.