User Management

This document provides guidance on how to securely login to Keysight Quantum system and manage user privileges based on roles.

Default QCSTeam User

When accessing the HclBackend, all users are automatically logged in as the QcsTeam user, who has the “Team” role. This setup eliminates the need for login prompts and entering login credentials each time.

The username and password for the team user are:

Team Username: QCSTeam

Team Password: QcsTeam1234@

If the admin creates a dedicated user account and the test user is no longer needed, the admin can change the Team user’s password to prevent further access to this account.

QcsAdmin User

We will be using a default root user with following credentials for all the User related operations

The username and password for the admin user are:

Admin Username: qcsadmin

Admin Password: Keysight1234@

Note

Admin users, we strongly recommend changing the password upon your first login to the system.

User Management features includes

  1. Login - Authenticate users to access the quantum system.

  2. Create User - Add new users with roles.

  3. Change Password - Update users password.

  4. Activate/Deactivate User - Activate or deactivate a user.

  5. Assign/Revoke user roles - Assign or revoke roles (Admin, Physicist, Team)

User Roles:
Following are the supported user roles:

  1. Admin - allows users to create users, change users password, create/deactivate users, assign/revoke roles and execute programs and read result.

  2. Physicist - allows users to execute programs and read their own results.

  3. Team - allows users to execute programs and read results for anyone also with the Team role.

The following code cells assume you have an HclBackend set up like this

import keysight.qcs as qcs

mapper = qcs.load("../../assets/channel_mapper.qcs")
# initialize the backend pass
backend = qcs.HclBackend(channel_mapper=mapper)
Login

To access the Quantum system, users must log in with their username and password. Only authenticated users can execute programs, read results or perform user management depending on their roles. For cloud users, the login process requires an additional flag: cloud_user = True. Only Base64 encoded passwords are accepted by the login API. You can encode your password using https://www.base64encode.org/

backend.login()

# login with params
encoded_password = "your_base64_encoded_password"
backend.login(username="qcsadmin", password=encoded_password)
Create User

Administrators can create new users and assign roles. To create user, admin should provide username, password, email and roles. The create user API prompts for user name, password , email and user role/roles

backend.create_user()
Change Password

Administrators can change the password of active users by providing their username. The create user API prompts for user name and new password.

backend.change_password()
Activate/Deactivate Users

Administrators can activate or deactivate a user by providing their user name. The API’s prompts for username that needs to be activated or deactivated

# To activate a user
backend.activate_user()

# To de-activate a user
backend.deactivate_user()
Assign/Revoke roles

After creating a user, admin can assign/revoke a new role to the active user. The API’s prompts for the username and role to either assign the role to the user or revoke it.

# To assign a user role
backend.assign_user_role()

# To revoke a user role
backend.revoke_user_role()
Revoke User Token:

When a user logs into the QCS system using their credentials, a login token is stored on the client system. This token is used for subsequent logins, allowing the user to log in without re-entering credentials. Tokens remain valid for 7 days. If the user suspects that the token has been compromised during this period, they can use this method to revoke the token. Once revoked, the user will be prompted to enter their login credentials the next time they access the HclBackend.

# To revoke a login token
backend.revoke_token()
On this page