Users will have to use ATAK, while the ADMIN uses the online server. it is a join effort that uses a lot of communication. decide who your admin is going to be before proceeding. I will have everything in order, just follow the tabs below (the admin and the user have to take turns on their steps)
These first two steps will seem like they are all you need, but if you do not go to the next page, anyone will be able to access your server without credentials.
WEB UI STEPS
In the web ui, go to the user tab on the left hand side.
click add user on the right.
give them a name, using their callsign is an easy way to keep track
group and token are both "user"
give them a complex password. it will not have to be written down as it is sent to them as a datapackage in ATAK
certs: true
device type: mobile
click submit
ATAK STEPS
The user will now open ATAK
click the top right menu
settings
network preferences
server connections
network preferences
manage server connections
click the 3 dots in the top right
click Add
name it whatever you want
address is the ipv4 ip that the admin uses to access the web ui
click advanced settings
protocol is TCP
port is 8087
click okay and you will be connected
continue to the next page for assigning SSL certificates (this adds password protected users to your server so you can close the 8087 port)