LogoLogo
3.1.7
3.1.7
  • Getting Started
    • What is Cymmetri?
    • Release Notes
      • 3.0.1-Beta
      • 3.0.2-Beta
      • 3.0.3-Beta
      • 3.0.4-Beta
      • 3.0.5-Beta
      • 3.0.6-Beta
      • 3.0.7-Beta
      • 3.0.8-Beta
      • 3.0.9-Beta
      • 3.0.10-Beta
      • 3.0.11-Beta
      • 3.0.12-Beta
      • 3.1.0 - Product Release
      • 3.1.1-Beta
      • 3.1.2 - Product Release
      • 3.1.3-Beta
      • 3.1.4-Beta
      • 3.1.5-Beta
      • 3.1.6 -Beta
      • 3.1.7 - Product Release
      • 3.1.8 -Beta
      • 3.1.9-Beta
      • 3.1.10-Beta
      • 3.1.11-Beta
      • 3.1.12-Beta
      • 3.1.13-Beta
      • 3.1.15 -Beta
      • 3.1.16
      • 3.1.17
      • 3.1.18
      • 3.1.15 - Product Release
      • 3.0.x Consolidated
      • 3.1.x Consolidated
    • Starting your Cymmetri Trial
    • Admin Dashboard
    • Accessing Cymmetri
    • Supported Web Browsers
    • Cymmetri Error Codes
    • Help
    • Personalization
      • General Config
      • Admins
      • Masters in Cymmetri
      • Personalize Notification Templates
      • Tenant Branding
      • Custom Attributes
      • API Client
      • Batch Tasks
      • API Extension
    • Global Search
  • Identity Hub
    • Managing Users and Groups
      • User Management
      • User Detail
      • Create Users
      • Edit Users
      • Create Groups
      • Importing Users
      • Assigning Users to Groups
      • Delegation
        • Setting up Delegation
        • Delegating Work to Delegatee
        • Accepting Delegation
      • Suspended Users
      • Archived Users
      • All Users Session
    • Authentication
      • Identity Provider
        • Internal IDP
          • Introduction
          • Internal Identity Provider Configuration: Cymmetri
          • Internal Identity Provider Configuration: Active Directory
          • Internal Identity Provider Configuration: LDAP
        • External IDP
          • Introduction
          • External Identity Provider Configuration - Google IDP
          • External Identity Provider Configuration - Azure IDP
          • External Identity Provider Configuration - Salesforce IDP
      • Service Provider
      • Authentication Rules
      • Password Policy
      • Global Auth Policy
      • Adaptive
    • Attribute Setting
    • Password Filter
    • Logs
      • Audit Log
      • Import History
      • Scheduler History
  • Lifecycle Management
    • Application Management
      • Support for Application Management
      • Getting Started
        • Introduction to Application Management
        • Adding Applications to be managed by Cymmetri
        • Assigning Applications to End Users
        • Application Detail
        • Dynamic Forms
        • Configuring Connector Server
        • 360 Degree Recon
      • Provisioning How to
        • Cymmetri Connector List
        • Supported Provisioning Operations
        • Azure Provisioning
        • Active Directory (AD) Provisioning
        • Google Workspace Provisioning
        • LDAP Provisioning
        • Powershell Provisioning
        • REST Connector Provisioning
        • SCIM v2.0 Provisioning with Basic Authentication
        • SCIM 2.0 with Bearer Authentication
        • SCIM 2.0 with Fixed Bearer
        • Github Provisioning
        • ServiceNow Provisioning
        • AMAYA
        • HRMS
          • Darwin Box
        • Database Provisioning
        • CSV Directory (Flat-file)
        • Managing Manual Application Assignments
        • SOAP Connector (XML)
        • Integration with Service Desk Management Systems
      • Reconciliation How to
        • Configuring Reconciliation Process
      • Rules
        • Provisioning
        • Deprovisioning
    • Workflow Management
      • Workflow Configuration
      • Workflow Rules
      • Pending Workflows
      • Workflows List
    • Teams Config
    • Configuring Webhooks
    • On Demand Access
    • Form Logic
  • Single Sign On
    • Introduction
    • SSO Configuration
      • SAML 2.0 Based SSO
      • API Based SSO
      • OpenID Connect Based SSO
    • Multifactor Authentication(MFA)
      • Introduction
      • Cymmetri Authenticator
      • Push Authenticator
      • Google Authenticator
      • SMS Authenticator
      • Secret Questions
      • FIDO Authenticator
      • Admin MFA Setting
    • Passwordless
      • Introduction
      • TOTP Based
      • OTP Based
      • Consent Based
      • FIDO Based
  • My Workspace
    • Getting Started
      • Introduction
      • First Time User Registration
      • End User Login Process
      • Forgot Password & Unlock Account
      • User Settings
    • How to use the My Workspace
      • Dashboard
      • My Access
      • Inbox
      • Team
      • On Behalf
  • Privileged Access Management
    • PAM Administration
      • Introduction to Privilege Access Management (PAM)
      • How to Access PAM in Cymmetri
      • Sub-Sections of PAM
      • Steps to configure PAM Server
      • Adding a device/ server in PAM
      • Vault User
      • Vaulting Configuration
      • Break Glass Configuration
      • PAM Reports and PAM History
      • Dormancy Disable Config
    • PAM Usage
      • Assign a server to a user
      • Access the server
  • Governance
    • Compliance Management
      • IGA Policy Violations
    • Insights
      • Reports
      • Risk
      • Management Dashboards
        • CISO Dashboard
        • CRO Dashboard
      • Industry Compliance
    • Access Certification
      • Setting up and managing Access Reviews
    • Recommendation Engine
    • Role Management
      • Role Mining
      • Entitlements
      • Managing Roles in Cymmetri
    • Segregation Of Duties (SOD)
  • Self-Service App
  • Analytics
    • Cymmetri Analytics
Powered by GitBook

Cymmetri.com

On this page
  • Permissions Overview
  • Configuration Steps
  • Default Configuration

Was this helpful?

Export as PDF
  1. Lifecycle Management

Teams Config

Was this helpful?

The Teams Config feature is designed for Reporting Managers, providing them with controlled access based on specific conditions to perform various actions for their team members. Based on different conditions like Country, Department, Designation, Login Pattern and UserType multiple such configurations can be created in different combinations and different set of permissions.

Permissions Overview

Administrators can grant the following permissions to Reporting Managers:

1. Archived User Permissions

  • Archived Users: Allows the manager to view archived users from their team.

2. Suspend User Permissions

  • Suspended User View: Enables the manager to view suspended users from their team.

  • Suspended Users Resume : Allows the manager to resume suspended users from their team.

  • Suspended Users Delete : Permits the manager to delete suspended users from their team.

3. Users Permissions

  • Create User: Enables the manager to create new users.

  • Update User: Allows the manager to update user information.

  • User Info: (Enabled By Default) Provides access to view detailed user information.

  • User Application View: Allows the manager to view applications assigned to team members.

  • Assign Application: Permits the manager to assign applications to team members.

  • Assign Role: Enables the manager to assign roles to team members.

  • Unassign Application: Allows the manager to unassign applications from team members.

  • Unassign Role: Permits the manager to unassign roles from team members.

  • Menu Action: Grants access to context menu actions.

  • Assign Group: Enables the manager to assign user groups.

  • Unassign Group: Permits the manager to unassign user groups.

4. User Settings Permissions

  • User Lock & Unlock: Allows the manager to lock or unlock user accounts.

  • User Delete: Permits the manager to delete user accounts.

  • Reset Password: Enables the manager to reset user passwords.

5. RBAC Permissions

  • Assign RBAC Role: Allows the manager to assign RBAC roles.

  • Unassign RBAC Role: Permits the manager to unassign RBAC roles.

6. Secret Question Permissions

  • Secret Question: Grants access to view secret questions of team members.

7. Additional MFA Permissions

  • Remove MFA For User: Permits the manager to remove MFA for team members.

8. User Status Permissions

  • Active User Status: Sets a user's status to active.

  • Inactive User Status: Sets a user's status to inactive.

9. Risks and Violations Permissions

  • Risks and Violations: Allows the manager to view risks and violations associated with team members.

Configuration Steps

To configure Teams Config, follow these simple steps:

Navigate to Products -> Lifecycle Management -> Teams Config.

Administrator can choose to Add a new teams config or update an existing one. A newly added configuration added by the administrator can be both deleted and/or deactivated.

Add a new teams config

Click on the +Add Teams Config button and a page as below will be shown:

Name: A name for the configuration

Description: A detailed description for the configurations

Status: Set to active for enabling the configuration

Team: Set of permissions (as explained above) that the administrator can select from, to provide different levels of access to the manager

Conditions: Set of conditions (like Country, Department, Designation, Login Pattern and UserType) that the manager need to satisfy for the permissions to be provided to the manager

Default Configuration

There is a Default Teams Config that applies to all reporting managers. Any permission enabled here is universally applicable. It cannot be deleted but can be deactivated.

Customization based on specific conditions for a particular set of managers is not possible in this default configuration.