# Create New User
Click on the "+ New User" button to create a new user. The following dialog box will appear:
When creating a new user, the CA Administrator requires the user's information to be provided in three sections:\
\
**1. Map to group** - assigns the user to a specific group.\
**2. Basic Information** - contains basic details about the user.\
**3. Other Details** - contains details such as the login type, signature algorithm, key algorithm and size, and validity.
### Map a Group
{% hint style="info" %}
Please note that fields marked with an asterisk (\*) are mandatory.
{% endhint %}
CA Admin users can select a group and access type from a dropdown, or choose an existing group with a predefined access type.
When selecting a group, please choose from the available options.
* New (to create a new mandate group)
* or an existing group (default group is GRP\_001)
If the user selects "New" as the group and "ALL" as the access type from the dropdown, the screen will prompt with certificate features as shown below:
The user can then select the certificate features based on their requirements.
* X509 Certificate
* EMV Certificate
* CVC Certificate
By default, the system selects at least one certificate feature. Users can select multiple features by checking the respective boxes.
### Basic Information
In the "Basic Information" section, CA Admin users must provide mandatory information.
**Common Name (CN):** Provide a unique "Common Name" (CN) for the Administrator certificate, serving as the alias of the new role owner.
**Email:** Enter the **"Email"** for the new Administrator, used as the username and contact for the E-Mail Notification Service.
**Organization Name (O):** Enter the legal **"Organization Name"** (O) of your company to associate the certificate with the correct organization.
**Country Code:** Enter the **"Country code"** using either the 2- or 3-letter Country Code, specifying the country code for proper identification.
**Role Selection:** Select **"Administrator"** from the dropdown box as the only available role for CA Administrators.
**Optional Parameters:** Optionally fill in any additional parameters as required for customization based on specific needs or preferences.
### Other Details
The image below which illustrates the **"Other Details"** section for user login preferences.
Users can choose from three login types based on their needs.
* Hard token
* Soft token
* Password
#### Hard token
If a user selects the **"Hard token"** option, they need to insert the crypto token into their system. Once the token is plugged in, they can select it from the dropdown menu. In addition, they must enter the token password. Following this process, a pfx file will be created and saved in the crypto token. This pfx file enables the user to use the token while logging in.
**Soft token**
When a user chooses the **"Soft token"** login type, they have two options to choose from: **"Manual"** and **"Automatic"**.
If the user must select **"Manual"** and click **"Browse"** to save the Administrator's soft token in the preferred location.
If the user selects the **"Automatic"** option, the user must click **"Browse"** to specify where the Administrator's soft token should be generated.
#### Password
When the user selects the Password-based login type, they are given the same two options **"Manual"** and **"Automatic"**:
Choosing the **"Manual"** option prompts the user to enter and confirm their password.
The **"Automatic"** option does not require a password.
After selecting the login type, choose a recommended "signature algorithm" for either soft or hard token login, and then select a recommended key algorithm and size.
Finally, specify the new period of validity in the designated fields next to **"Validity"**.
{% hint style="info" %}
Note that the period of validity cannot exceed the period of validity of any of the CA Administrators.
{% endhint %}
After providing all necessary information, click "Proceed" and authenticate the action by verifying user identity with CA Administrator tokens and clicking "Authenticate."
Once authentication is successful, click on the **"Create User"** button to generate the new Administrator user.
After successfully creating the Administrator user, various options will become accessible such as **"Create New"** and **"View All"**
**Create New:**
Selecting **"Create New"** allows users to initiate the process of generating another new Administrator User. This involves following the same process as before.
**View All**
By selecting the **"View All"** option, users can access a grid that showcases all the Administrator users that have been created. This grid provides a clear overview of the existing Administrator accounts.
In the following screen, click on  to view the Administrator certificate details:
**Renew:**
* Click on to renew an Administrator that is about to expire.
* This icon is only available for soon-to-expire Administrators. The default threshold for expiring Administrators is 31 days but may vary depending on the customer specific configuration.
**Deactivate:**
* Click on  to deactivate an Administrator.
* Deactivating an Administrator blocks them from logging into emCA. It does not revoke their access but merely suspends it.
* After clicking on , the following warning message is shown:
* Click **Yes** to proceed. You will be prompted to authenticate the deactivation action:
* Authenticate using all CA Administrator Credentials and proceed by pressing Authenticate.
* Click on Deactivate to proceed. The following message is displayed upon completion:
* Click on  to activate an Administrator.
* Activating an Administrator reenables their access to emCA.
* After clicking on  , the following warning message is shown:
Click Yes to proceed. You will be prompted to authenticate the activation action:
Authenticate using **all CA Administrator Credentials** and proceed by pressing Authenticate.
Click on **Activate** to proceed. The following message is displayed upon completion:
* Click on  to delete an Administrator.
* An Administrator that has been deleted, cannot be recovered! Consider deactivating an Administrator before deleting it.
* After clicking on  , the following warning message is shown:
Click Yes to proceed. You will be prompted to authenticate the deletion action:
Authenticate using **all CA Administrator Credentials** and proceed by pressing **Authenticate.**
Click on **Delete** to proceed. The following message is displayed upon completion:
* Clicking on **Export to Excel** will trigger an automatic download of an XLSX file to the standard download location of your OS.
* The generated XLSX file will have the name **ManageUsers\_Report.xlsx.**
* This XLSX file contains the displayed table of Administrators in a tabular format.
