Loading...
Loading...
Loading...
Loading...
Loading...
The Dashboard under My Workspace is the default page once the user has logged in to Cymmetri. This page is accessible to all users in Cymmetri.
Cymmetri assigns a basic user role to all users in the system by default. Users with such a role will be able to view the screen as shown below:
Users with a Cymmetri Administrator role can view additional system information on their dashboard. An example dashboard view for a Cymmetri Administrator is shown below:
The user sees a summary of recently accessed applications. Clicking on any of these applications will result in Single Sign-On (SSO) to the chosen application. If the user has not accessed any applications recently, the system will display 'No recent apps'.
The user receives notifications when their access to certain applications is set to be automatically revoked after a specified period. The applications listed in this section have access times defined for the user and are not granted as lifetime access.
The Team Page in My Workspace empowers managers to have a holistic view of their team's access and permissions within the organization. This documentation covers the essential features and functionalities available on the Team Page.
On the Team Page, managers can see a list of all their team members. This list serves as a quick reference to identify team members and access their profiles, applications, groups, and risk violations.
Managers can access detailed profile information for each team member. This includes contact details, designation, department, and other relevant information. This section helps managers keep track of their team members' details for efficient communication and management.
In the Applications Section, managers can view applications that are already assigned to their team members. This provides a clear overview of the software and systems each team member can access.
Managers also have the capability to assign access to applications directly from this section. This streamlined process simplifies application management and ensures that team members have the right tools to perform their roles effectively.
In the Groups Section, managers can view the groups that are assigned to their team members. Groups are useful for managing permissions and access to specific resources within the organization.
The Risk and Violations Section allows managers to monitor their team members for any risk violations. This helps maintain compliance and security within the organization by promptly addressing any potential issues.
The Team Page offers a comprehensive solution for managing your team's access and permissions, streamlining workflows, and maintaining a secure and compliant environment. With this documentation, you can make the most of these features to ensure efficient and effective team management within your organization.
The "On Behalf" section in Cymmetri provides authorized users and administrators with the capability to perform actions or transactions on behalf of other users. This feature is particularly useful for delegated administration and support scenarios, allowing one user to assist another or act on their behalf with specific permissions.
In the Cymmetri platform, when a user needs to raise an access request for an application on behalf of another user, they can navigate to the "On Behalf" tab within MyWorkspace.
On this page, the user is presented with a list of all users. By clicking on the ellipsis icon located at the top right corner of a user's card, a menu appears, offering the option to "Assign application" on behalf of the selected user.
Upon selecting the "Assign application" option, the user is directed to a page displaying the available list of applications. Subsequently, by clicking the "Assign" button for a specific application, the user can either initiate the workflow for application provisioning (if configured) or directly assign the application to the selected user.
This streamlined process within the "On Behalf" section of Cymmetri enhances the user experience, making it efficient and user-friendly for authorized individuals to manage access requests and application assignments on behalf of others.
The Cymmetri application workflow mechanism is used to enforce approval of users access requests for the purpose of right-user-getting-correct-access. At the same time, providing a history of all such requests and their approvals ensures accurate reporting.
The Cymmetri Inbox section allows users to view and approve the access requests for other Cymmetri users. Apart from user access approval requests, the user can also view the status of their own access requests under My Requests section. Lets have a detailed understanding of each section:
The Requests section under Inbox lists the application access requests raised by other Cymmetri users.
Cymmetri users can request for access to applications not automatically assigned to them. These request for application access may not always require an approval. In certain cases the access request will be automatically applied as there is no approval workflow configured by Cymmetri Administrator. But in cases where an approval is needed a workflow request is triggered, this request process is managed from My Access > Request section.
Please note: The User will be allowed to select the roles based on configuration at application settings page. If user is allowed to request for more than one role, in such scenario all roles will be combined in the approval request for the approving authority to approve or deny. Similarly, based on configuration, user will be able to search and select only the roles allowed explicitly for request. Example: business users shall not be allowed to request for Administrative type roles when raising the requst.
After a Cymmetri user has raised an approval request, the approver authority is selected by Cymmetri automatically. The approver is alerted by the system through an notification event in the user’s Notification tray. Cymmetri can also alert the approval user by way of email sent to the user. By clicking on the notification or the Application Requests short-link, the user is sent to the Inbox page.
The user can also view the notification request under Request section on the user’s Dashboard.
Here the user should click on Open menu under Requests section to view all the pending application access requests. On clicking one of the mail list items, the user can view the details of the application access request as shown above
The approval user can now approve the request or mark their rejection for the access request. The approval user may provide comments for the action taken under the Comment box text area.
After clicking the Accept button, the user approves the application access request. Cymmetri shows the success message to the approval user.
Cymmetri allows flexible workflow configuration for managing closure of access requests in time bound manner. In case of escalation scenario, the next in line reporting manager will be automatically escalated based on turn around time definition for the particular workflow step. The relevant users will be alerted through email notification of the escalation of such requests.
If no escalation is defined, Cymmetri will automatically mark the request as rejected to end the request cycle. Cymmetri will alert the user of the automatic rejection via email notification.
Cymmetri users can view the history of processed requests by way the Archive menu under Requests section. The user can click on any one of the mail list items, and view the details of task.
If an access request requires more than one level of approval, the same can be viewed one below the other with the following details -
Approver Name
Date and Time of approval
Approver comments (if any)
Cymmetri users can request for change in access role for applications assigned to them. The request process is managed from My Access > Application > Setting context menu. An approval request is generated once the user submits the role change request.
The role change may not always require an approval. In certain cases the role change will be automatically applied as there is no approval workflow configured by Cymmetri Administrator.
Claims is the process of approving user access requests through any one approving authority in Cymmetri. In the event one approver is unavailable, it is likely other approver(s) can stake claim for the request and process the access request.
The approvers are configured by the Cymmetri Administrator. The approver level level can be defined as a single user, reporting manager or a group of users.
A claim request can be access from the Dashboard or the Notification tray.
A click on the notification or claims short-link will land the user on the Claims section of the Inbox.
The user can click on any one of the mail list items under Claims section, and view the details of task.
Once the user clicks on Claim button, the request moves from the Claims section to the Requests section. The claim user sees the success message "Task claimed successfully" and the user is automatically guided to the Open menu.
The user can click on the list item and view the details for access request. The approver can leave comments if needed and Accept to approve or Reject the request.
Once approved successfully, the user will see the success notification.
The My Requests section lists all the application access requests raised by the logged in user. Here the user can view the status of the application access requests raised and review the access grant history.
The Open menu lists all the requests yet to be approved for the user.
The Closed menu lists all the requests that have been either approved or rejected for access. By clicking on one of the mail list items, the user can view the history of the task. The details of the approve or reject action can be seen with the time and date of such an action as well as the comments of the approver if any.
Cymmetri provides an interface where users can view the applications assigned to them from where they can access such applications using Single Sign-On (SSO). The SSO ensures that users do not need to remember the username and password to access the desired application. Users can also request access to applications not yet assigned or entitled to them by providing the necessary information.
The Application section under My Access provides user easy and friction-less access to the applications they want to use.
Applications can be assigned to the user using the Cymmetri Provisioning framework, either as a birth-right (default) access, or through Provisioning Rules as defined by the Administrator.
For applications requiring approval, the Cymmetri Workflow processes such access requests before granting access to the user.
Note: Cymmetri provides the ability to set up On Demand Access. Below is the default Request for Access feature.
User can view the available applications after click on the Request button on the Application page under My Access.
The user can view all the applications that are available for the organization. The applications already assigned to the user are indicated by a green check mark.
The user can request for any application not already assigned to them by clicking on the required application tile. The user is required to select the period of access - either a Start and End Date for access or opt for Lifetime Access. After the selection, the user can submit the request by clicking the Save button.
The search bar on the Application page allows users to quickly search an application by its name. To use the search, click on the search icon followed by typing the name of the desired application.
The search result is automatically displayed for the matching applications below :
The search for applications is across the tags defined by the user.
The user can access any application by simply clicking on the desired application tile. Cymmetri will initiate the authentication request to the target application, and here, the user will get authenticated to the desired application in a new browser tab or window.
User accessing the applications which are assigned on time bound basis, will show a snippet defining the access period. This is for the user’s information. The snippet is visible while user hovers over the application tile.
As a user self-service action, applications assigned to the user can provide the user with options to manage their access. Clicking on the menu button under an application tile opens a context menu for that application.
The Assign Role context menu, allow users to change or request for change the role assigned to them. If there is no approval required for the requested role, the system will automatically assign the role to the user.
The remove role context menu, allow users to remove the role assigned to them. If there is no approval required for the requested role, the system will automatically assign the role to the user.
The user can opt the Request Extension option from the application context menu.
On successful submission, the user can view the success message. If a workflow is configured on the application access then a workflow gets triggered and the extension is granted only after the approval of the workflow.
Tags allow for easy categorization of applications as desired by the user. When a user is assigned numerous applications tags help in categorizing them and allowing easy management of applications.
To add a tag, click on Create New Tag button. Provide the desired name and click on Create button.
Once submitted successfully, the tag is visible on Application page.
User can move applications from the All Applications section to any tag as desired. Click on the menu button inside an application tile, select the option Move to Tag.
Once the tag is clicked, the system will move the application to the respective tag and user will see the sucess message.
User can now view the application under the tag by clicking on the tag name.
User can move an application from one tag to another tag by following the above mentioned process.
The user is allowed to create Tags to manage the applications assigned into different sections for ease of access. User can create up to 4 tags. After user creates the fourth tag, the Create New Tag button is disabled.
A user cannot create a tag with an existing tag name. Cymmetri will show an error "Tag with same name already exists".
User can rename a tag anytime by clicking on the menu button on the tag and selecting Rename option.
Type in the revised name for tag and click Update button.
On successful update, the tag name is changed and user can see the success message.
User can opt to delete a tag using the the delete tag option on clicking the Delete option.
Clicking on Delete will show a warning and once approved the tag will be removed.
On successful delete, the tag is removed and user can see the success message.
Deleting the tag will not remove the applications assigned to user. The applications can always be viewed under All Applications.
Depending on the configuration performed by the Administrator, the user will be assigned to the application or the approval request for the user’s access will be initiated. After all the approvals are granted, the user will be assigned to the application.
Cymmetri allows user to extend their access period for applications with time-bound access.
Cymmetri shows the current access end date. The user is required to select a new access end date and click on Request button.