Search Results

Description The user is the core object of the system. In Soffid, a user means an identity (usually a person). Every user can have a number of accounts spread on different information systems. In traditional system management, one can assign roles and permis...

Description Groups are a convenient way to apply policies to a collection of users. Groups allow administrator users to specify permission for multiple users in a quick and easy way. Groups are managed in a hierarchical way. A user can belong to a group, and ...

Description An account is the way an user is presented on a target system.  There can be user accounts as well as system-purpose accounts. An account belongs to a system and that account can have specific permissions assigned to it. An account must have defi...

Description Information systems are the systems that Soffid will protect granting and revoking roles. Each role and entry point is bound to an information system. The information system can be created hierarchically. These information systems are managed in ...

Description Soffid allows you to create roles to specify permissions that can be assigned to a user, a group, or an account. These permissions determine what operations are allowed on a resource. You can use roles to delegate access to users, applications, or...

Description Soffid console provides an option that allows you to customize policies to assign or revoke roles automatically to specific users. To assign or revoke roles, the users must comply with the defined requirements. This option allows you to Preview c...

Description The segregation of duties (SoD) is a fundamental element of internal controls, defined to prevent error and fraud. Segregation of duties ensure that at least two individuals are responsible for the separate parts of any task. For each user, the r...

Description Operators can define the subnets that compose the internal network, in order to manage the IP address space. The main goal is to manage a limited resource as the IP address is. Soffid supports both static and dynamic IP assignments. Anyway, stati...

Description The host screen lets the administrator manage a static IP address assigned to any host. Dynamic IP addresses are automatically managed by Soffid ESSO. From the PAM module, when configuring the network discoverer, Soffid will register the machines...

Description The Browsers Detected screen allows the administrator to view the browsers and versions being used by SSO users. Screen overview Related objects Hosts : host of the system each one in a network. Detected browsers : detected browners in a n...

Description Soffid lets administrator users manage system printers. A printer must always be attached to a host. A network attached printer is composed of a host (network print server) and a printer (printer queue). Printers can be assigned to specific users...

Description The mail domains identify each single mail domain that is going to be managed and used in Soffid. Mail domains are validated when you enter an email in the attributes of type email. You cannot use mail domains that have not been previously regis...

Description The mail lists identify addresses that are going to be delivered to one or more users, just as distribution mail lists do. Screen overview Related objects Mail domain : mail domain of the list Mail lists : nested lists Users : assigned ...

Description The entry points could be to connect to information systems defined on Soffid, or to connect to other applications. These applications can be Web applications or Native applications. Each information systems can have one or more application entry ...

Description Soffid provides a protected storage, to save and manage accounts for multiple applications, that is the Password vault. Here you can save the accounts and passwords to access to critical systems and to your applications as well. Password vault all...

What is identity self service? Soffid Console provides the identity self service, where the end-users can consult or change their credentials, request new permissions or access to applications, manage their profile, or launch applications. All from a single p...

Description My certificates and FIDO tokens are part of the Identity self service that allows end-users to access their OTP devices configured. This option shows each user all their configured OTP devices, which can be certificates, FIDO tokens, and Soffid...

Description A high level profile can contain or grant application permissions. On the other side, application permissions can contain or grant low level permissions. All of them are referred generally as roles. Some users could have been granted both high le...

Description Probably there are some users that do not need access to any information system. Using this tool you will be able to identify them and act upon them. The process is a two step process: Filter out the universe of users to analyze. Select the a...

Description Probably there are some accounts that are no longer used. Using this tool you will be able to identify them and act upon them. The process is a two step process: Filter out the universe of accounts to analyze. Select the actions to perform on...