LogoLogo
Archive
Archive
  • Introduction to Cymmetri Cloud 2.0
    • FAQ
      • Adding the Application
      • Supported Web Browsers
      • Forgot Password & Unlock Account
      • Cymmetri Error codes
      • Help
  • Getting Started with Cymmetri Cloud 2.0
    • What is Cymmetri?
    • Starting your Cymmetri Cloud 2.0 Trial
    • Accessing Cymmetri Cloud
    • First Time User Registration
    • Logging in as an end user
    • Setting up Multi-factor authentication rules for Login
  • Administration
    • Reports and Analytics
  • My Workspace
    • Getting Started
      • Introduction
      • Login with External Identity Provider - Social logins
    • How to use the My Workspace
      • Dashboard
      • My Access
      • Inbox
      • Team
      • Session Management
  • Application Management
    • FAQ
      • Support for Application Management
    • Getting Started
      • Introduction to Application Management
      • Adding Applications to be managed by Cymmetri
      • Assigning Applications to End Users
      • Configuring Connector Server
    • SSO How to
      • Configure Single Sign On
      • Configure SAML 2.0 Single Sign On
      • Configure API SSO
      • Configure OpenID Connect based Single SignOn
    • Provisioning How to
      • Azure Provisioning
      • Active Directory (AD) Provisioning
      • Google Apps (Workspace) Provisioning
      • LDAP Provisioning
      • Powershell Provisioning
      • REST Connector Provisioning
      • SCIM v2.0 Provisioning with Basic Authentication
      • SCIM 2.0 with Bearer Authentication
      • SCIM 2.0 with Fixed Bearer
      • Github Provisioning
    • Reconciliation How to
      • Configuring Reconciliation Process
  • Managing Users and Groups
    • Setting up Users and Groups
      • Create Users
      • Create Groups
      • Importing Users
      • Assigning Users to Groups
      • Setting up permissions for Delegation
  • Common Features
    • Features used throughout the Cymmetri Platform
      • Workflow Management
      • Configuring Webhooks
      • Multifactor Authentication (MFA)
  • Personalization
    • How to configure your tenant and personalize it
      • Adding new admins
      • Masters in Cymmetri
      • Personalize Notification Templates
      • Add Branding to your tenant
      • Adding Custom Attributes for User Object
  • Authentication
    • Identity Federation
      • Steps to Configure Azure AD as External IDP for Cymmetri
  • Governance
    • Access Certification
      • Setting up and managing Access Reviews
  • Additional Tools
    • Miscellanous Tools and Utilities
      • Password Filter
  • Privileged Access Management
    • PAM Administration
      • Introduction to Privilege Access Management (PAM)
      • How to Access PAM in Cymmetri
      • Sub-Sections of PAM
      • Steps to configure PAM Server
      • Adding a device/ server in PAM
      • Vault User
      • Vaulting Configuration
      • Break Glass Configuration
      • PAM Reports and PAM History
      • Dormancy Disable Config
    • PAM Usage
      • Assign a server to a user
      • Access the server
Powered by GitBook

Cymmetri.com

On this page
  • Global masters
  • Zone Masters

Was this helpful?

Export as PDF
  1. Personalization
  2. How to configure your tenant and personalize it

Masters in Cymmetri

Masters are key-value pairs that can be defined for the entire tenant. The key in this context refers to the label to be shown on the Cymmetri User Interface, and the value is the backend identifier used to reference this field in various processes, rules, and policies defined in the Cymmetri Identity platform deployment.

Cymmetri Identity platform allows for configuring a number of masters in the system, the major classification among which is Global masters (which allow for creating master key-value pairs that may be used for various situations, such as creating a new department, designation, and other custom attributes for users in the system) and Zone masters (which are network configurations that may be used to whitelist or blacklist user access onto the platform as well as act as a source for adaptive Multi-factor authentication).

Global masters

These are system-wide key value pairs primarily used to setup key value pairs referring to various masters as given below -

Types of Global masters

Country

Country key-value pairs are stored in the system, and are available as drop-downs wherever needed in the system - User attributes, Policies and other mappings.

UserType

UserType is used as one of the conditions while defining authentication policies and as an input in the rule engine.

Department

Department is used as one of the conditions while defining authentication policies and as an input in the rule engine, and also as a user attribute.

Designation

Designation is used as one of the conditions while defining authentication policies and as an input in the rule engine, and also as a user attribute.

GroupType

GroupType is used as one of the conditions while defining authentication policies and as an input in the rule engine, and also as a group attribute.

AccountStatus

AccountStatus is used as one of the conditions while defining authentication policies and as an input in the rule engine, and also as a user attribute.

RBAC

RBAC (System Roles) is used as one of the conditions while defining authentication policies and as an input in the rule engine, and also as a user attribute.

CustomAttribute

Custom Attributes are the custom attributes that are key-value pairs that can be directly accessed by various backend engines by referring to them as attributes of the user object.

ApplicationCOSO

Refers to the various COSO mapped to application roles for the purpose of Segregation of Duties. Typical values for these are “Admin”, “Maker”, “Checker” and “Readonly”.

Zone Masters

Zone masters indicate the network zones that may be used for blacklisting or whitelisting access to the Cymmetri Identity platform deployment. It may also be used for detecting users from certain zone and assign relevant multi-factor authentication policies.

Zone Name - Used to refer to a zone in other configurations on the Cymmetri Identity platform.

Inactive/Active - Toggle button to check whether the zone is active (configurable as a condition for other rules on the Cymmetri Identity platform.)

Gateway IP - Refers to the Gateway IP address for the network zone.

Proxy IPs - Proxy Server IP addresses that may be used to be directed to this network or the IP addresses outside of the zone that would indicate a connection from this zone.

Fill all the mandatory configurations, click on the enable toggle button and finally click a “Save” button.

Last updated 1 year ago

Was this helpful?

CIDR - Refers to the CIDR notation of the subnet of the network that this zone refers to. .

CIDR Notation