General Config

In this section within Cymmetri a range of general or broad configuration settings and options are managed. These settings encompass various foundational configurations that affect the overall behavior of Cymmetri.

There are different system configurations in Cymmetri mentioned below:

On Behalf

It refers to a setting within Cymmetri that enables a user to raise an application access request on behalf of another user. An administrator can enable this feature and then the user can raise a request for any other user. The page here shows how the users get an access to the On Behalf feature and use it to raise application requests

Time Based

In the Time-Based configuration, system administrators have the capability to determine whether the system will send repeated notifications to users based on the number of days remaining, as specified in the 'Send Notifications before' field. This occurs when an application is assigned to the user as a time-based application and is about to expire.

Email Config

These settings and configurations within Cymmetri are specifically related to the management and customization of email-related functionalities. This configuration area allows administrators to set up, manage, and customize the email communications as per the organization's needs.

Suspend Config

Within the Suspend Config section, administrators have the ability to determine the duration a user remains in a suspended state before transitioning to the archived users section. This can be specified using the "Suspend After" setting.

Scheduler Integration:

The system incorporates a scheduler feature, enabling administrators to automate the transition of users from the suspended state to the archived state. The scheduler runs within defined time frames, streamlining the management of user statuses.

As an example, if the "Suspend After" configuration is set to 0 days, a user will promptly move to the archived users section upon suspension. This allows for flexibility in tailoring user management to specific organizational needs.

Workflow Preference Config

Within the Workflow Preference Config, administrators have the ability to specify the visibility and editability of workflows associated with user access requests for a particular application. This setting allows for tailored control over how approvers interact with the configured workflow.

Visible to the User:

When this option is selected, approvers for the requested application are visible to the user initiating the access request. Transparency is maintained throughout the workflow process.

Hidden from the User:

Opting for this configuration ensures that approvers for the requested application remain hidden from the user. The workflow operates discreetly in the background without user visibility.

Editable by the User:

If this preference is chosen, users initiating access requests have the ability to select approvers based on their availability, providing a more dynamic and user-centric workflow experience.

This functionality applies if a workflow has been configured for the specified application, offering flexibility in managing user access requests in alignment with organizational requirements.

The approvers mapped in the workflow can only be edited only if they are part of the "user list" in workflow configurations.

In conclusion, if the workflow preference config is set to Editable, the requester will only be able to select the approver from the workflow if the approvers are part of a user list.

Reset Password OTP Config

This setting involves whether an OTP (One-Time Password) is required as an additional verification step when users attempt to change their passwords.

User Decommission Config

The User Decommission Config is a vital feature in Cymmetri, allowing administrators to automate user decommissioning based on login activity.

In this configuration, actions are triggered if the user hasn't logged in to Cymmetri in n number of days

Config Days: Set the threshold for user inactivity in terms of days. Users who have not logged in for the specified duration will be subject to the defined actions.

Actions: Choose from three distinct actions to be taken when the specified inactivity threshold is reached:

  • None: No action will be taken based on user inactivity.

  • Inactive: Users exceeding the configured inactivity period will be marked as inactive.

  • Delete: Users who have not logged in for the specified duration will be suspended from the system.

Syslog Configuration

Syslog configuration in Cymmetri allows for the seamless integration of logging and event information with external Syslog servers. By defining specific parameters, administrators can ensure that critical system events, user access information, and other relevant data are transmitted in real-time to a Syslog server.

Syslog Config fields:

  1. Syslog Name - Assign a unique name to this Syslog configuration

  2. App Name - Specify the application name associated with this Syslog configuration.

  3. Server Host Name - Enter the hostname or IP address of the Syslog server that will receive log messages

  4. Server port - Define the port number on the Syslog server where log messages will be sent.

  5. Protocol - Choose the preferred protocol for Syslog communication - TCP or UDP.

In configuring these parameters, administrators tailor Cymmetri's interaction with external Syslog servers, optimizing the logging process to meet organizational needs.

Webhooks Configuration

Webhooks in the Cymmetri's admin module provide a powerful mechanism for real-time communication and integration with external applications or services. Administrators can configure various webhook settings to enhance the system's functionality and streamline interactions with external components.

Webhook Configs:

  1. Protocol - Communication protocol - (Static field)

  2. Method - HTTP method for webhook requests - (Static Set to post)

  3. Server - Enter the server or endpoint URL where the webhook payloads will be delivered.

  4. Server Context path - provide the context path for the specific service within the server.

  5. Secret - This secret key, known to both Cymmetri and the external service, helps authenticate the webhook requests.

  6. Token Expiry Minutes - Define the duration (in minutes) for which authentication tokens associated with webhook requests are valid.

Application Request Config

This setting determines if a user has the ability to initiate requests for new applications through the Cymmetri self-service page.

When the status is active, the user will see the "Add New" button on the "My Access" page within the "My Workspace" section. By clicking this button, the user can submit an access request for additional applications.

Threshold Delete Config

The Threshold Delete Config is a critical component in Cymmetri, governing the maximum number of users that can be deleted from the system in a single day.

This configuration provides an additional layer of control to prevent unintended mass deletions and ensure the security and stability of Cymmetri