All Products
Search

This Product

    Secure Access Service Edge:Employee Center

    Document Center

    Secure Access Service Edge:Employee Center

    Last Updated:Jun 21, 2026

    This document describes how to view the organization chart and user information for an identity source and how to add departments and users for a custom identity source.

    Background

    If your enterprise does not use an identity source to manage its organization chart, you can create an organization chart by using a custom identity source in SASE to ensure that user identities are valid. If you already use an identity source, you can directly integrate it with SASE to synchronize your organization chart. Your employees can then use their unified corporate identities to log in to the SASE App. After you create an identity source, you can view the organization chart and employee information synchronized from a third-party identity source in the Employee Center. For a custom identity source, you can also create an organization chart and add user information.

    Prerequisites

    You have created an identity source and synchronized information from the third-party identity source. For more information, see identity synchronization.

    Custom identity sources

    After you create a custom identity source, you can add and manage its departments and users in the Employee Center.

    Add departments and users

    1. Log on to the Secure Access Service Edge console.

    2. In the navigation pane, choose Identity Authentication > Identity Access.

    3. On the Employee Center tab, select your custom identity source from the drop-down list.

      After you select the identity source, the left side of the page displays the identity source tree with a Create Department button. The right side displays an Add User button and the user list.

    4. Click Create Department, enter a Department Name in the dialog box, and click OK.

      You can repeat this step to create multiple departments.

    5. Select the department to which you want to add users and click Add User.

    6. In the Add User panel, configure the user information and click OK.

      User information includes Username (required), Password, Department (required), Position, Email Address (required), Mobile Phone Number, Employment Status, User Tags, Account Expiration Time, among other fields.

      You can add users in the following two ways:

      • Manually Add

        Enter the user information in the fields provided.

      • Batch Import

        Click Download Import Template, fill in the user information, and then upload the file.

      Important

      • If you do not configure a Password, after the user information is added, SASE will send each user's username and an automatically generated password to the corresponding email address. The username and password are used to log in to the SASE App. Please store them securely.

    Manage user information

    1. Select a department to view its users in the list.

      The user list includes columns for Username, Email Address, Account Status, Department, Employment Status, Position, Mobile Phone Number, Account Expiration Time, and Actions. The Actions column contains Details, Edit, and Delete actions. You can click Add User above the list to add a new user.

      • Account Status:

        • Pending Activation: Indicates that the employee has not yet logged on to the SASE App.

        • Enabled: Indicates that the user has successfully logged on to the SASE App.

        • Suspended: Indicates that the user account is disabled. The user cannot log on to the SASE App, and any logged-on user will be forced to log out.

      • Account Expiration Time: When an account expires, the Account Status automatically changes to Suspended.

    2. You can view user details, and edit or delete user information.

      • View details

        1. In the Actions column, click Details.

        2. In the Details panel, view the detailed information for the user.

          • For a user with an Account Status of Enabled or Pending Activation, you can click Disable Account.

            After an account is disabled, the user cannot log on to the SASE App, and any logged-on user will be forced to log out.

          • For a user with an Account Status of Suspended, you can click Enable Account.

      • Edit

        1. In the Actions column, click Edit.

        2. In the Edit User panel, modify the user information and click OK.

      • Delete: In the Actions column, click Delete, and then click OK.

        Important

        A deleted user can no longer log on to the SASE App. Proceed with caution.

    3. Add or remove User Tags for a user.

      1. To add a User Tags: Find the user, and in the User Tags column, click image. You can then select an User Tags or create a Add User Tag.

      2. To remove a User Tags: Find the user. In the User Tags column, hover over the tag you want to remove and click image. Then, follow the on-screen instructions.

    Third-party identity sources

    After you create an identity source and complete the automatic synchronization, you can view the synchronized organization chart and employee information in the Employee Center.

    1. Log on to the Secure Access Service Edge console.

    2. In the navigation pane, choose Identity Authentication > Identity Access.

    3. On the Employee Center tab, select a third-party identity source from the drop-down list to view its organization chart and employee information.

      • Account Status:

        • Pending Activation: Indicates that the employee has not yet logged on to the SASE App.

        • Enabled: Indicates that the user has successfully logged on to the SASE App.

        • Suspended: Indicates that the user account is disabled. The user cannot log on to the SASE App, and any logged-on user will be forced to log out.

      • View details

        1. In the Actions column, click Details.

        2. In the Details panel, view the detailed information for the user.

          • For a user with an Account Status of Enabled or Pending Activation, you can click Disable Account.

            After an account is disabled, the user cannot log on to the SASE App, and any logged-on user will be forced to log out.

          • For a user with an Account Status of Suspended, you can click Enable Account.

      • Edit

        1. In the Actions column, click Edit.

        2. In the Edit User panel, you can only modify the user's Position and Employment Status. Then, click OK.

      Note

      For third-party identity sources, you cannot add new users, delete users, or modify important user information, such as their department, email address, or mobile phone number. To perform these actions, you must use the console of the third-party identity source. After making the changes, run an identity synchronization.