463 total results found
Description Soffid lets administrator users manage system printers. A printer must always be attached to a host. A network attached printer is composed of a host (network print server) and a printer (printer queue). Printers can be assigned to specific users...
Description The access log page allows querying all the information about the opened sessions. Note that any session that was active during the specified date will be shown, even when it started before of finished after that date. Screen overview Cust...
Description Soffid allows you to create roles to specify permissions that can be assigned to a user, a group, or an account. These permissions determine what operations are allowed on a resource. You can use roles to delegate access to users, applications, or...
Description Information systems are the systems that Soffid will protect granting and revoking roles. Each role and entry point is bound to an information system. The information system can be created hierarchically. These information systems are managed in ...
Role assignment rules
Description Soffid console provides an option that allows you to customize policies to assign or revoke roles automatically to specific users. To assign or revoke roles, the users must comply with the defined requirements. That option allows you to Preview c...
Segregation of Duties (SoD)
Description The segregation of duties (SoD) is a fundamental element of internal controls, defined to prevent error and fraud. Segregation of duties ensure that at least two individuals are responsible for the separate parts of any task. For each user, the r...
Description Operator can define the subnets that compose the internal network, in order to manage the IP address space. The main goal is to manage a limited resource as IP address is. Soffid supports both static and dynamic IP assignment. Anyway, static IP m...
Description Host screen let administrator manage static IP address assigned to any host. Dynamic IP addresses are automatically managed by Soffid ESSO. Related objects Network Custom attributes Basics On the basic host tab, you can view all the host ...
Description The mail domains identify each single mail domain that is going to be managed. If a mail domain is marked as obsolete, it won't be assigned to a user anymore. Custom attributes Code: domain, it will be as in email address is written. Descript...
Description An account is the way an user is presented on a target system. There can be user accounts as well as system-purpose accounts. An account belongs to a system and that account can have specific permissions assigned to it. An account must have defi...
Description The mail lists identify addresses that are going to be delivered to one or more users, just as distribution mail lists do. Standard attributes Name: identifier name of the mail list. Mail domain: an existing domain in the system. It is a pred...
Description Throughout the Soffid you will be able to perform searches on the different objects that make up the application. You will be able to search in the system by applying different ways of searching. Quick This option allows a quick search by fiel...
Description The Metadata functionality allows expanding the Soffid objects, their attributes, and their data types. Also, it allows expanding custom objects. By default, there is a list of built-in objects, but it is possible to create new custom objects and...
Download CSV file & Import
Download CSV file Soffid allows you to download all data objects displayed in tables in a CSV file. You can access to Download CSV file option through the hamburger icon from most of the components of the table type. Import Soffid allows you to upload a ...
Description Allows massive operations to be performed on the selected records. With that operation, updates can be made to any of the object parameters. You can access this option through the hamburger icon from a few of the components of the table type, lik...
Description Companies are organized in different business units, departments or workgroups. In Soffid, they all are named as groups. These group can be categorized by a group type. Group types can be used in the definition of Holder Groups. Some roles can ...
Description User type is the way to categorize users and allows configuring different password policies. Those policies can be more or less restrictive depending on the user's risk. For instance, internal users (automatically created) are different from exter...
Description The audit trail page allows you to query for audit records. Each action done at the Soffid console will be reported. Here you have a list of common Advanced searches, you only have to copy, paste and search, e.g. // User changes trace calendar ...
Description Groups are a convenient way to apply policies to a collection of users. Groups allow administrator users to specify permission for multiple users in a quick and easy way. Groups are managed in a hierarchical way. A user can belong to a group, and ...
Soffid BPM Editor
Soffid BPM Editor
Templates definition of process types
SCIM full examples
Resource data model & schema
The data model of the Soffid objects is mapped to JSON objects to enable the data transport between client and server.
ESSO Configuring Rules for Single Sign On
ESSO Scripting Language
User management steps
Define the user management steps
Step 7. Just in time privileges
Permissions management steps
Define the Process management steps
Account reservation steps
Define the account reservation steps
Self service portal examples
Step 4. Register additional resources (Optional)
Step 5. Account management
The account management step shows you how to manage the accounts to change the type, how to locate the accounts on the password vault and how to assign a password. To comply this step the discovery process must be completed.
Step 6. Passwords rotation
The passwords rotation reduces the vulnerability to password-based attacks. Soffid allows you to limit the password lifespan and force you to change it.
Definition Password domain Is a logical way of grouping managed systems that are sharing the same password for each account. If the administrator chooses to have the same password for every system, only one password domain should exist. If the administrator ...