To create a new Onboard user:
Create a New User in VIP and ensure the password conforms to VIP’s Password Policy.
Within the Production user profile, select External Access Only.
If the account is to be used for testing, create the user account in the Production environment first, then the Test environment.
Within the Production user profile, select External Access Only and Authentication Only.
Within the Test user profile, select External Access Only.
Create a New User in Veslink using the same credentials from VIP.
If a user is to only be created in Production, set Auth Type to ImosApp (Veson only)
If User is created in Prod and Test (Veson only):
Set Production Auth Type to None.
Test Auth Type to ImosApp.
Note: Any user with sufficient permissions to create a Veslink account in VIP will be able to do so via the Voyage Reporting Security workspace in Operations, however once created, a request will need to be sent to Veson to change the account’s Authentication Type.
Once all required user accounts have been created, within VIP, in the Data Center, select Replication.
Run Bulk Import. This syncs the user account with the Onboard schema.
Set User Permissions.
Within Security in VIP, give user R/W Object Rights access to the operating Vessel, Vessel Type as well as applicable Company and Forms.
Provide the required Module Rights either at the user, or the group level if one exists.
Within Security in Veslink, provide user and form permissions as required, then select Restrict Vessel Access and only provide access to the operating vessel.
The hidden config flag CFGEnabledVesselSecurity could be set to Y too. However, this can cause latency issues for all users in the system if their vessel list is greater than 15,000 vessels.
Note: Within VIP, Forms Object Rights only display once the Veslink account has been created. Additionally, if using Form Groups, then a user can be provided access to all Forms negating the need to only select applicable forms in two locations.
Finally, to test the user account has been created successfully, open an Incognito window and sign in via veslink.com.
For security reasons, vessels may need to add IP addresses and network ports to their allow-list. The port is 443 and IP addresses by region are found here.