AuthX Portal Guide

Administrators

Posted authxwp

(Roles Required: Owner, Administrator, User Manager, Help Desk, Read Only)

Administrators are the one who can manage their company details. When a new company is created, by default a Owner gets added in Administrator.

Administrative Roles

All administrators have a role. That role defines their activities and view of the portal.

  1. Roles – Owner, Administrator, Application Manager, User Manager, Help Desk, Read-Only

  2. CRUD- Create, Read, Update and Delete

    1. Create- The admin can add elements or components.

    2. Read- The admin cannot add, edit and delete any components. They can just read.

    3. Update- The admin can edit any components and cannot add or delete them.

    4. Delete- The admin can delete any components and cannot add or edit them.

  3. Below is a matrix with admin roles and their permissions on different links in portal.

Modules

Owner

Administrator

Application Manager

User Manager

Help Desk

Read Only

Dashboard

R

R

R

R

R

R

Device Management

RU

RU

RU

RU

Policies

CRUD

CRUD

CRUD

R

Applications

CRUD

CRUD

CRUD

R

Users

CRUD

CRUD

CRUD

RU

Auth Devices

CU

CU

CU

CU

Groups

CRUD

CRUD

CRUD

RU

Administrator

CRUD

CRUD

R

R

R

R

Reports

R

R

R

R

Settings

U

U

Owner

Owners are the ones who sign up for a company.

  1. Owners have control over all the links of the portal.

    1. Dashboard – Read-only.

    2. Device Management

      1. Mobile Devices – Update

      2. Windows Management – Read-only

    3. Policies – Add/manage policies.

    4. Applications – Add/manage applications.

    5. Users – Add/manage users.

    6. Groups – Add/manage groups

    7. Administrators – Add/manage administrators

    8. Reports – Read-only

    9. Settings – Edit Settings

  2. Owners can Create, Read, Update and Delete in any of the Add/manage links.

  3. Owner can create another owner who has the same permissions as the first owner.

  4. A single account/company can have multiple owners.

  5. Owner can edit his following details,

    1. First Name

    2. Last Name

    3. Email Address

    4. Phone number – Update & Delete

    5. All authentication factors – Enroll & Deactivate

Administrator

  1. Administrator and Owner role have same rights in the company

  2. Administrators have control over all the links of the portal.

    1. Dashboard – Read-only.

    2. Device Management

      1. Mobile Devices – Update

      2. Windows Management – Read-only

    3. Policies – Add/manage policies.

    4. Applications – Add/manage applications.

    5. Users – Add/manage users.

    6. Groups – Add/manage groups

    7. Administrators – Add/manage administrators

    8. Reports – Read-only

    9. Settings – Edit Settings

  3. Administrator can Create, Read, Update and Delete in any of the Add/manage links.

  4. Admin can edit his following details,

    1. First Name

    2. Last Name

    3. Email Address

    4. Phone number – Update & Delete

    5. All authentication factors – Enroll & Deactivate

Application Manager

  1. Application managers have control over the following links,

    1. Dashboard – Read-Only

    2. Device Management

      1. Mobile Devices – Update

      2. Windows Management – Read-only

    3. Policies – CRUD

    4. Applications – CRUD

    5. Administrators – Read-Only

  2. All the other links are not seen to the application manager.

  3. In administrator link, application manager can only view his own page.

  4. In Application manager’s own page, he can view his details like Name, Email, phone number, role and Phones.

  5. The application manager can enroll and deactivate his biometrics.

User Manager

  1. User Manager have control over the following links,

    1. Dashboard – Read-Only

    2. Users – CRUD

    3. Auth Devices – CU

    4. Groups – CRUD

    5. Administrators – Read-Only

  2. All the other links are not seen to the user manager.

  3. In administrator link, user manager can only view his own page.

  4. In user manager’s own page, he can view his details like Name, Email, phone number, role and Phones.

  5. The user manager can enroll and deactivate his biometrics.

Help Desk

  1. Help Desk have control over the following links,

    1. Dashboard – Read-Only

    2. Device Management – RU

    3. Policies – Read-Only

    4. Applications – Read-Only

    5. Users – Read and Update

    6. Auth Devices – CU

    7. Groups – Read and Update

    8. Administrators – Read-Only

    9. Reports – Read-Only

Users Grid Page

  1. Help Desk cannot add users, hence the Add User button is removed for this page.

User’s Edit Page

  1. Help Desk cannot deactivate a user.

  2. Help Desk cannot delete the phone for a user.

  3. Help Desk can just edit name and add username aliases for the user and save that change.

Group Grid Page

  1. Help Desk cannot add groups; therefore, the Add Group button is removed for this page.

Group Edit Page

  1. Help Desk cannot change the status of a group therefore it has been removed from this page.

  2. Help Desk can only edit group name and description and save the changes.

  3. Help Desk cannot add any users to the groups.

  4. Help Desk can view the users in the groups.

Read-Only

  1. Read-Only have control over the following links,

    1. Dashboard- Read-Only

    2. Administrators – Read-Only

    3. Reports- Read-Only

    4. Settings- Read-Only

    5. All the other links are not seen to Read-Only.

    6. In Settings page, all the fields are static and cannot be edited.

Administrator Grid

(Role Required: Owner, Administrator)

  1. The grid displays all the administrators. Their name, email address, Role and their Last Login.

  2. Any logged in admin user can update their details.

  3. The owner/admin can click on other administrators name to update or modify their information.

Add Administrator

(Role Required: Owner, Administrator)

  1. The owner can add administrators by clicking on the Add Administrator button.

  2. Once the owner enters Name, Email and Phone number

  3. The owner can assign a role to the user from the Role drop-down.

  4. When the Add Administrator button is clicked, a mail is sent to the user with the activation email

Edit Administrator

(Role Required: Owner, Administrator)

  1. The owner can edit any administrators profile. The owner can change the admin’s name, email address and role

  2. The owner can delete administrator’s phone numbers. (Please refer to Delete phone number workflow for reasons to delete the phone and the workflow of the process).

  3. The owner will have a similar edit page, where he can enroll and deactivate his bio-metrics.

  4. Logged in admin user, can update his details.

How to Enroll Auth Factors

Fingerprint Authentication

  1. Click Add fingerprint on computer

  2. Choose any finger and enroll it

  3. Then click Finish to save the enrolled finger’s

Face Authentication

  1. You can enroll your face on computer and AuthX mobile app

  2. Click Add face on computer

  3. Look at the camera & keep your face within the grid to enroll successfully

  4. Click Continue to enroll the face

  5. Click Add face on mobile

  6. A notification will be received. Approve it

  7. Keep the face within the grid to enroll successfully

RFID Authentication

  1. Connect your RFID reader

  2. Click Add RFID

  3. Place your card on the reader

  4. Card enrolled successfully

Pin Authentication

  1. Click Add Pin

  2. Input 6 digit pin to use it

  3. Options

    1. Change Pin – Update to new pin

    2. Activate & Deactivate – Current pin will be active / inactive

Hardware Token Authentication

  1. Go to Authentication Devices and add an Hardware token

  2. Now come back to Users & click Add Hardware Token

  3. Select your device & provide the OTP value

  4. Token added successfully

Administrator Phone Deletion

(Role Required: Owner, Administrator)

  1. Only Owners can delete a phone for an administrator.

  2. Reasons for deleting Phone:

    1. Admin changed his phone (Device)

    2. Admin changed his phone number

    3. Admin deleted his app

    4. Admin lost his phone and wants to disable the phone from being used.

  3. Option to delete should be in edit admin page.

  4. A confirmation pop up asks the admin- “Are you sure you want to delete the phone?” Yes or No

  5. Once the admin deletes the phone, phone number deleted email is sent out to that Admin.

  6. The action column in the phone grid changes. The delete button changes to a Actions icon. On selection, it has 2 options – ”Activate Phone Now, Send Enrollment Email and Send Enrollment Message” and the status changes to “Inactive”.

  7. Activate Phone Now

    1. Redirects to a popup for Phone number activation either by QR code scan or Generate OTP method.

    2. After scanning the QR code, a green tick mark displays & popup is hidden

    3. Now the Phone status is set to Active.

    4. In case if the user did not activate the Phone, the status will be in Pending.