Portal Security - Basic

Last modified by Erik Bakker on 2024/08/20 08:56

This microlearning focuses on the essentials of eMagiz portal security, which ensures that only authorized users can access and manage your integration models. We'll cover key areas including user access, model permissions, partner access, and password policies. Understanding these security measures will help you effectively manage who has access to your eMagiz environment and maintain the integrity of your integration models.

Should you have any questions, please contact academy@emagiz.com.

1. Prerequisites

Basic knowledge of the eMagiz platform

2. Key concepts

This microlearning centers around eMagiz portal security.
With portal security we mean: Ensuring that your model is not accessible for those who have no right to access your model.

The portal security consists of multiple parts:

User access to Portal
User access to Integration Models
User authorizations to Integration Models
Partner user access to Client environments
Password Policy & Validity

For each aspect, it is good to know how the security is set up by eMagiz.

3. Portal Security - Basic

Securing the portal is done in various ways. In this microlearning, the focus will be on user access to the portal, to models, and how to determine that a user has exactly the rights he/she needs to execute their job. We will discuss each of these aspects below one by one.

3.1 User access to the portal

Users can be added with their email address by the eMagiz Partner Manager or the Company Contact, upon which the user gets an email to sign-in. A temporary password is created and emailed as well, which has to be changed at the first login to the iPaaS Portal. Users are connected to organizations in eMagiz.

In the administration section of the user, an MFA token can be used to enable the Multifactor Authentication on a user level. Typical authenticators on a smartphone can be used such as Google Authenticator.

3.2 Users access to models

Users can be added to Integration models, which hold all the configurations required to run the different integrations for the TAP environments. Integration models are connected to organizations in eMagiz to ensure the integration model remains within the limits of the license agreements. Users can be added to integration models of the organization where the user belongs to. Users can't be added to integration models of other clients.

3.3 User authorizations to models

Every integration model has a model owner who can distribute rights across functionalities and environments. In the picture below, one can see the various options available across the Integration Life Cycle (ILM) Phases Capture through Manage. The model owner manages the user permissions and needs to have the MFA authentication level activated before making any changes.

In case of Edit permission is granted on an ILM phase, all the sub-options can be configured
View rights mean that all options can be viewed only
In case the user has no Edit or View rights to a certain ILM phase, the phase will not be displayed at all in the eMagiz iPaaS Portal
Model owners are assigned to integration models by the previous model owner, the company contact or an eMagiz administrator
An audit trail is kept of the changes made in the model permission structure

crashcourse-platform-manage-portal-security-basic--integration-project-rights.png

3.4 Partner user access to models

Partner organizations are supported in eMagiz. Model owners can select a user from their organization or the connected partner organization. The connection between client and partners organization is managed by eMagiz administrators

3.5 Password policy & Validity

Below the relevant items for the password policy in the eMagiz Portal

There is no expiry policy on the password - eMagiz has a Forget Password functionality.
Password must be 8 - 20 characters long, cannot contain white spaces, and must contain at least one digit, one upper case, and one lower case letter."

4. Key takeaways