Help Center/ OneAccess/ User Guide/ Enterprise Administrator Guide/ User Management/ Managing Authorization
Updated on 2024-12-30 GMT+08:00
View PDF
Share

Managing Authorization

With authorization management, administrators can authorize application accounts to applications and users within their scope of permissions. Users can be authorized in batches by organization, and application roles and permissions can be assigned to authorized users, in addition, you can edit, delete, enable, or disable authorized application accounts. (This function must be granted by the super administrator.)

Authorizing an Application Account

Manage the mappings between OneAccess users and application accounts. You can map a OneAccess user to accounts of different applications.

  1. Log in to the administrator portal.
  2. On the top navigation bar, choose Users > Authorization.
  3. On the displayed page, click User Authorization under the application to be authorized.

    The Authorization Management page displays only the applications accessible to the administrator.

  4. Click Add User in the upper right corner. On the Add Account page, click the name of the organization to which the user to be authorized belongs and select it.

    On the User Authorization page, only the application accounts on which the common administrator has permissions are displayed.

  5. Click Save to complete the authorization.

Editing an Application Account

The administrator can edit the application account on the user authorization page and modify its information.

  1. Log in to the administrator portal.
  2. On the top navigation bar, choose Users > Authorization.
  3. On the page for authorization management, click User Authorization under an application.
  4. Click Modify in the Operation column of the user to modify user authorization information.
  5. Enter the new information and click Save.

Disabling or Enabling an Application Account

  1. Log in to the administrator portal.
  2. On the top navigation bar, choose Users > Authorization.
  3. On the page for authorization management, click User Authorization under an application.
  4. Click in the Status column of the user to be disabled. After an account is disabled, the application is not displayed on the user portal of the user and it cannot be accessed. You can click to enable the account. After the account is enabled, the application is displayed on the user portal of the user and the application can be accessed.

Deleting an Application Account

  1. Log in to the administrator portal.
  2. On the top navigation bar, choose Users > Authorization.
  3. On the page for authorization management, click User Authorization under an application.
  4. Click Delete in the Operation column of the user to be deleted.
  5. In the dialog box that is displayed, click OK to cancel the user's permission to access the application.

Adding an Application Role or Permission

The prerequisite for granting application roles/permissions is to configure application permissions. For details, see Application Permission Management.

On the User Authorization page, the application accounts that the common administrator has permissions are displayed. The common administrator can add roles and permissions to these application accounts. For applications configured with role-based application permission management, you can only add roles. For applications configured with role-, permission-, and resource-based application permission management, you can add roles and permissions.

  1. Log in to the administrator portal.
  2. On the top navigation bar, choose Users > Authorization.
  3. On the page for authorization management, click User Authorization under an application.
  4. Click Application Roles/Permissions in the Operation column of the user to be operated.
  5. Grant permissions by application role or permission.

    • The application permission of the application is set to role-based application permission management.

      In the displayed dialog box, select a role name and click OK.

    • The application permission of an application is set to role-, permission-, and resource-based application permission management.
      • In the Application Roles/Permissions dialog box, select Authorize by role, select a role name, and click OK.

      • In the Application Roles/Permissions dialog box, select Authorize by permission and click Add Permission. In the Add Permission dialog box, select a permission type, select resources, and click OK.

Searching for an Application Account

On the User Authorization page, the administrator can filter application accounts based on the search criteria.

  1. Log in to the administrator portal.
  2. On the top navigation bar, choose Users > Authorization.
  3. On the page for authorization management, click User Authorization under an application.
  4. On the User Authorization page, you can filter users.

    • You can select the start time and end time based on the application account creation time, and click OK to filter the application accounts created in the specified time range.
    • You can select Account and enter an account name or name in the text box to filter application accounts that meet the search criteria.
    • You can select User and enter an account name or name in the text box to filter application accounts that meet the search criteria.
    • You can select an organization and enter the organization name or code in the text box to filter the application accounts.
    • You can select Enable or Disable from the State drop-down list box to filter application accounts.

Parent topic: User Management