Applications

To initiate the utilization of Complico's innovative Access Management infrastructure, the first step involves adding Applications.

Begin by selecting the Access Management option on the left side-bar, as indicated by the arrow below.

Add an Application

Proceed to the Application tab and add a new application by clicking on the 'Add Application' button, as denoted by the arrow below.

We encounter two distinct menus, and the initial one we will explore is the Create New Application menu.

As we complete the form, we have the option to designate an owner (an employee or collaborator responsible for the application), categorize it by type and service provided, and specify the risk level.

The risk level is determined by our internal metrics and serves to indicate various types of risks associated with the application.

The second menu, labeled 'Create By Vendor,' facilitates the addition of new applications directly associated with an existing vendor within our organization.

In the provided example, although we named the application, the vendor was selected from our pre-existing list of vendors.

Add an Account (Application users)

Displayed below is the page for the recently added application, offering various functionalities.

Beginning with the buttons encircled below, the Edit button facilitates modifications to the application's name and characteristics.

By selecting the 'Add Account' button, we can proceed to add new users for this application.

In the Account field, input the user's account, which serves as the identifier for registration and authentication within the application.

For the Employee field, choose an employee from the organization to associate with this account.

The Status field allows designation as either 'Active' or 'Inactive.'

To specify the account's role within the application, including its name and description, click on the 'Add Role' button under 'Added Roles.'

The Type field serves to categorize an account into four distinct types:

1. Mapped - The account's user is an employee of the organization.

2. Orphan - The account currently has no assigned user.

3. Service - The account's user is utilized by the organization's employees, but is a formal user.

4. External - The account belongs to someone who is not an employee but has access to our application, such as a freelancer.

The Type sorting system serves as a valuable tool in identifying accounts that may require attention, such as those marked as 'Orphan' that may need to be removed, or 'Service' accounts assigned to employees who no longer require them.

Implementing this sorting system enhances our organization's security and privacy, minimizing the potential for back-door breaches and associated risks.

Roles and their respective descriptions can be viewed and edited by clicking on the pencil icon, as indicated by the arrow below.

In this interface, modifications to the role's description can be made.

It's noteworthy that once a role is created, it becomes a part of the organization's roles list and cannot be directly edited.

To update a role, the existing role can be removed, and a new role can be added in its place.

Highlighted below are the permissions (roles assigned) for the employee John.

By clicking on a permission, you can access the role's name and description.

The options button, indicated by the arrow below, provides the ability to either edit or delete an account from the application.

The Save button, indicated by the arrow below, plays a crucial role in preserving changes made to an application, including the creation of accounts and modifications to permissions.

Be sure to click this button to ensure that your changes are successfully saved.

Returning to the Application tab, we now observe our single application, along with the date of its last update and the count of accounts associated with each application.