CSV
Overviewβ
In this article, you will learn how to configure app roles if your data source is CSV. The configuration processes are different in apps that use Entra ID (formerly Azure Active Directory) and On-Prem AD data sources.
The article of configuring app roles in an Entra ID (formerly Azure Active Directory) or OnPrem AD app can be found here.
Role Guardrailsβ
Role guardrails have been designed and applied in this process to strengthen the access management within your organisation or business. For example, during the role configuration, you can select internal users or external users under General Eligibility, to filter what users are allowed to be assigned with the role.
Internal users: Selecting this option will only allow people within the organisation to be invited to this role.
External users: Selecting this option will allow people from trusted parties to be invited to this role. You can also search and add specific trusted parties in this option.
Navigate to Existing App Role Configurationβ
- Click Apps main menu option
- Search/find and click the app you want to configure
- Click the three dots icon on the top right corner
- On the drop-down menu, choose Edit App
- By default, you will land on the App Info configuration page
- Click Roles in the left menu
Edit a Current Roleβ
Create a New Role in App Configurationβ
- Click Apps main menu option
- Click the Configure App option located on the top right of the page under your name
- By default, you will land on the App Info configuration page
You will need to finish configuring the App info settings before starting role settings. More details about configuring app information by clicking here. ::: 4. Select the sub-menu option, Roles
Import Rolesβ
When you prepare your CSV file, click Import now then click Download Template to access the guide. We highly recommend you use the template to help you format your data and import it to Apporetum successfully.
Here are the three processes:
Upload Fileβ
You need to upload your CSV file to be able to continue the rest of role configuration processes. Click Download Template to guide you through the preparation process to ensure you properly format your CSV file.
- Format supported: CSV
- Ensure your Azure Resources are appropriately sized for files larger than 5MB
Match Usersβ
- Choose Matching Type : 1 To Many or Many to 1
- Choose the best fit for your data
- 1 To Many means that you can choose only one option in Columns from your file, and one or more needed from Apporetum fields
- Many to 1 means that you can choose one or more you need from Columns from your file, and only one option from Apporetum fields
- Click the drop-down menu and select from Columns from your file
- Click the drop-down menu and select from Apporetum fields
- There are a few options depending on your needs:
- Click + Add another to add one more mapping
- Click X Remove all to remove all the current mapping
- Click the three dots next to each mapping, then click X Remove mapping to remove that single mapping
- Click Restore defaults to reset all current mappings to initially auto mapped field
- Click Save and continue
Map Rolesβ
- Under Format, choose from Each Role Is In A Seperate Column or All Roles Are In One Column
When you format your data before importing it, we recommend you download templates as a guide. You will then choose the correlated format here, based on which template you use. ::: 2. Under Columns, choose the columns from your CSV file that contain role information 3. Under Values, specify True values and False values - define how a role is indicated in the role columns from your file 4. If needed, click X Clear all values at the bottom of this section
Once you click this button, it will clear EVERYTHING under Map Roles, including Format, Columns, and Values.
- Click Save and continue
Setup Guardrailsβ
- Choose from Low or High at Level of Concern
- The more privileges a role has, the higher the level of concern should be.
- We recommend you analyse how you would set up default guardrails. The purpose is to minimise the work that you need to do to change the level of concern for roles individually.
- A possible way to avoid security concerns is to set the level of concern as low, if you know which individual roles to set as high.
- Choose from No or Yes at Approval Required?
- Choose from a timeframe at Reconciliation Period
- Choose from a timeframe at Access Expires
- (Mandatory) Choose from Internal users and/or External users at General Eligibility
Internal users: selecting this option will only allow people within the organisation to be invited to this role.
External users: selecting this option will allow people from trusted parties to be invited to this role. You can specify which trusted parties.
- Click Save and complete