Your suggested change has been received. Thank you.

close

Suggest A Change

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

Thales Logo

All

  • All
back

Getting started

IT admin

search

IT admin

Delegated User Management allows you to manage how access is granted using a tiered delegation model based on roles.

Monitor users

Monitor user-related events for up to one year prior, through the platform's customizable data visualization tools such as Dashboards and Reports.

alt_text

Read more about the different event customization options available for the data visualization tools.

Organize data

Delegated User Management provides a flexible data classification system that governs the relations between users and how data can be accessed.

We use schemas, collections and structures as a logical means of organizing data. By using a combination of static and dynamic structures that can be defined on a single level or can be nested on several levels, you can obtain a more granular control over what users can access and how.

alt_text

Read more about data classification.

Manage applications

Oftentimes, managing access to different applications turns into a nightmare because of the fact that they are managed individually, on different platforms, and sometimes by different people within an organization.

Delegated User Management brings a centralized approach to application management, allowing you to manage how data can be accessed for both first party applications (called Branded apps), as well as third party ones. We consider Branded apps those applications that are owned and controlled by an organization, and applications the external ones that have already been integrated with OneWelcome IAM.

alt_text

Read more about application management.

Configure roles

As mentioned earlier, access to information is governed by a combination of roles and role types, system rules and flexible structures.

Roles are collections of permissions that control what data and applications a user can access and what actions it can perform. As an IT admin, you can configure roles according to your and your organization's needs for granting access for users and applications.

Delegated User Management provides four types of roles:

  • Application. This role type provides access to applications.
  • Admin. Is used to provide access to other users’ data and to the Delegated User Management platform.
  • Personal. Provides users with access to their own data.
  • Branded app. Allows branded apps to perform CRUD operations through API calls.

Within the platform, roles are defined per segment, so you can define different roles for different segments. Furthermore, a user can have multiple roles associated to it.

alt_text

Read more about defining roles.

Create rules

To automate the process of assigning roles to users, you can use rules that work at a predefined periodicity.

A rule instructs the system to perform a certain action if the set conditions are met. Conditions may be related to a user belonging to a specific group, or if it has a certain value for one or more attributes.

The system that enforces rules runs similarly to a background system job that is triggered periodically, which is why changes are not visible instantly. Please keep in mind that rules only allow you to add roles to users, but not remove existing ones.

alt_text

Read more about what rules are and how they work.

Set up system configuration

As an IT admin, you need to make sure that whatever software gets implemented by the company, it meets your organization and customers' needs and matches the internal processes and flows.

Therefore, an important step in setting up a new system is configuration. The platform provides advanced customization, configuration and branding capabilities so that you can tailor the platform.

Within the platform, you can customize the following:

  • Branded apps. Allows you to perform UI customizations for the branded apps that you define so they match the brand.
  • Data. Customize user attributes, attribute categories and set automation rules.
  • Data visualization. You can select the events you want to see in the dashboard charts and tables and how they are displayed, as well as set custom event names and categories.
  • Translation. Delegated User Management supports both application and platform translation.

Perform mass updates

Managing a large pool of users is a time-consuming, often repetitive job that could definitely use some automation.

Within the platform, we provide mass changes as a quick way for you to assign, as a one-time action, roles to a large number of users at once. This assignment is performed if they have a certain set of attributes or if they belong to a certain group.

alt_text

Read more about performing mass updates.

Add & manage users

The Management tab within the Users section of the platform provides all the tools you need to manage user accounts, whether in bulk or individually.

Create new user accounts and manage existing ones through:

  • Profile data management
  • Account administration (e.g. activation, blocking, deletion)
  • Password reset
  • Email address and phone verification
  • Management of user roles, including the assignment of time-based roles
  • Assignment of branded apps to users through branded app roles
  • Assignment of users to groups
  • Accept/ deny role requests
  • Managed users overview

alt_text

Read more about the different options of managing users.

Audit admin users’ activity

Stay on top of what is going on in the platform with the help of the Activity tab, which presents all actions performed by users with admin role types.

The information presented includes information regarding data visualization and setup actions (data, access, customization, settings), but doesn't include actions performed on specific users in service desk.

These are recorded using the specific events that have been set up for those users.

alt_text

Read more about the information presented in the Admin activities section.

Manage personal data

As an IT admin, you need to be able to easily manage users' information in order to complete their profiles or rectify inaccurate data. Additionally, as some data privacy laws require, you also have the ability to download personal data belonging to a user for respecting the user's right of access.

In addition to allowing you to add and manage users, the platform also allows administrators to manage users' personal data (such as profile picture, name, age, gender, address and phone, etc.) as well as employment information. You can add new information, edit the existing one or promote (move upward) the existing sections.

alt_text

Read more about the profile page

On this page