Make user management more consistent

Product name

Nuki web

Summary

The way to create and manage users seems inconsistent. It shall be harmonized in a way so that every user that appears in Nuki web looks the same and has the same attributes.

Features

The difference between users created in the Nuki app and via Nuki Web is unclear. It is also unclear why one would want to merge Nuki App users and Nuki web users, why do I need to do think about it anyway?
It is also not clear what happens if I merge my admin user account that was created during initial Nuki setup with another Nuki web user. Why is the user I log in as an admin different from users that are created in Nuki web?
Furthermore, there are different ways to create a Nuki Web user:

  1. https://web.nuki.io/en/#/admin/users
  2. https://web.nuki.io/en/#/admin/rights

It is totally unclear what the difference is and why there are 2 totally separate ways. I can see that there is a segregation of duties somehow but it is really confusing. Using the “rights” way I can decide for access on a granular level. Using the “users” way I cannot do this and those users wouldn’t appear under “Rights management” afterwards.

Reason

Logical, consistent and secure way to manage access to my locks.

Examples

Every time I manage access to my locks.

A Smart Lock user is per se a local user, whose credentials are stored at the Smart Lock and for whom we else have no data at all.
To be able to easily give access rights to mulitple Smart Locks at once via Nuki Web you need to set up a user with an e-mail adress so (multi-)invite codes can be sent directly via Nuki Web (using this e-mail-adress).

Merging users can be used to consolidate existing SL users with the same goal as described above: Easier manage user rights for multiple Smart Locks for one person. (As app users from different Smart Locks are by definition always different users.)

This is completely separated from Smart Lock users and only sets up sub-accounts for your Nuki Web.
So you can give other people (admin or restricted) access to your Nuki Web account regardless if there is a Smart Lock user with the same e-mail-adress or not and regardles of Smart Lock rights a user might have (or not).

Thanks for the clarification, Stephan. Most of it was obvious to me already, question is do other users have the same understanding about the technology behind :wink:

The different views and processes seem to have a direct relation to how it all works behind the scenes. The presentation to the end-user could be improved in a couple of ways:

  • Do not talk about “user” when it is not the same object you are talking about.
  • Maybe replace the “merge” mechanism simply by letting people add an email address to a user that was created on a lock before and add the required attributes behind the scenes (or create the “web object” and it’s backwards references). Getting rid of the merge concept right in front of the user would really be helpful as this concept might be how it works from a technical standpoint, but users shouldn’t care…
  • Think about improving the need to have 2 separate user accounts for a single user for administration of Nuki Web and granting access to a lock. Imagine a user shall be blocked for access and a user would only do this from the Nuki app has s/he forgot about the additional permissions granted in Nuki Web. A single identity for a single natural person is more logical to most of the people.

Just my two cents to it.

Cheers,
Julian

2 Likes

Thanks for your feedback!

I will definitly take a deeper look at your suggestions as soon as we have ressources available for some Nuki Web adaptions.

To be add about “user management”: How comes that only the owner of a lock is getting low battery messages?

In my (maybe limited) world: The owner can have several managers. The role of a manager would be to do everything beside being called an owner and naming other managers.
The manager should be able to made responsible for battery as well as getting the login information from AirBnB et al.
The Owner should be able to decide if (s)he wants to have some information or not. If I would own several houses or hotels (let’s dream (o:) then I wouldnt want to be bothered by the battery level or which code has to be sent to a customer.

What are you doing in a Family? One of the parent will be set as the owner (since there is only one owner)… are you providing marital consultancy for the possible programmed fight about who’s the owner? ;o)))

So what will people do? -> make a “fake email account” that will be shared among owner and managers. Defintively NOT the professional way… dangerous to share password, removing traceability…

Based on user/role management: we can’t recommend Nuki, sorry.

(the second reason: battery topic)