Application access tree


The entry points could be to connect to information systems defined on Soffid, or to connect to other applications. These applications can be Web applications or Native applications. Each information systems can have one or more application entry points.

The entry points are managed in a tree structure, that allows creating new menus and new application access.

Each member of the tree can be tied to a list of users, account groups, or roles. Also, you can choose if the application menu entry will be visible or not by unauthorized users.

After logging on to a managed workstation, the system will apply such restrictions and will update the Windows or Linux start menu.

Each application entry point will have different execution methods for fully managed workstations, loosely managed workstations, or external devices. Each of them can be a web browser URL or a javascript piece.

Each application entry point can have a single sign on rule. Those roles are fully explained in the ESSO reference guide. For more information, you can visit the ESSO chapter.

The defined entry points allow to final users open applications from the self service portal. For more information can visit My Applications page.

Screen overview

  1. Information system
  2. User
  3. Group
  4. Role
  5. Account

Standard attributes



Allows you to grant access permissions to users, groups, roles, or accounts. 

To give authorization it is necessary, first of all, to select the grantee type, then to choose the user, group, role, or account, and finally choose the access level. The access level allows two options:


Allows Administrator users to configure the entry point access. It is only available to entry points with the option Menu not selected.

There are three options to configure the executions. Administrator users can configure one or more:

For each execution option it is possible to configure the following parameters: 


Allows you to customize a script to define a pattern to detect when an application is used and how to inject the credentials.

For more information, you can visit the ESSO chapter.


Application query

💻 Image


Query Allows to query the entry points through different search systems, Quick, Basic and Advanced.
Create new entry

Allows you to add a new entry point.

To create a new entry point you can click the Create new entry button, then Soffid will display a new window to fill in the entry point data.

To add a new entry point it will be mandatory to fill in the required fields.

Application detail

💻 Image


Apply changes

Allows you to save the data of a new entry point or to update the data of a specific entry point. To save the data it will be mandatory to fill in the required fields.


Allows you to delete the entry point.

To delete an entry point, you can click the hamburger icon and then click the delete button (trash icon). Soffid will ask you for confirmation to perform that action, you could confirm or cancel the operation.


Allows you to quit without applying any changes made.

💻 Image


Add new

Allows you to add a new authorization. You can choose that option on the hamburger menu or by clicking the add button (+).

💻 Image


First,  you will select the Grantee type, which could be a role, a user, an account, or a group. Second, you will select the Grantee, it will depend on the Grantee type selected. Then, you will fill in the access level. And finally, you will apply changes.

💻 Image


Apply Changes Allows you to save the execution configuration.
Delete Allows you to delete the execution configuration.
💻 Image


Validate Allows you to validate and save the script.

Revision #35
Created 7 April 2021 14:49:37 by
Updated 8 March 2024 08:32:37 by