Terminology
Appβ
An Apporetum application (app) is a grouping of App Roles that secure and govern account access to your directory groups and business applications. Apporetum apps enforce a business-focused management framework to provide business-driven governance over access to applications without the need for continuous IT involvement. Each application is specifically connected to one Data Source and controls the access of related accounts to that Data Source.
App Roleβ
App Roles are owned by an Apporetum app and are a single resource to which a user can be given access. Resources, depending on the Application's Data Source, can range from a group membership, an Entra ID (formerly Azure Active Directory) App Role assignment or a virtual assignment. Each App Role provides a set of governance functionality to enable IT to enforce who may gain access to a resource and for how long.
App Memberβ
Users who have been added to an Apporetum app and assigned an app role. Apart from Apporetum, app members have access to the App resources.
App Managerβ
Click here to view more
Apporetum Adminsβ
Click here to view more
Data Sourceβ
A data source refers to a system, database, or repository that contains information about users, their attributes, roles, and access entitlements. In Apporetum, when we talk about a data source, we specifically refer to Entra ID (formerly Azure Active Directory), OnPrem AD or CSV.
Trusted Partiesβ
Trusted parties allow you to add an external partner, who is in a trusted work relationship with your organisation, into Apporetum as a guest.
Integrationβ
Integrations enable your organisation to integrate business processes into Apporetum. They enable automation and empower your bespoke needs to be met. Currently, Apporetum supports a range of activities around retrieving application information, managing user access and managing CSV Applications.
Accessβ
Different access terminologies that we use in Apporteum are as follows:
Scheduled Accessβ
A user has been scheduled for access to Application apps. The user's access activation date is the scheduled date. There are two situations, one is that your access will be activated on the scheduled access date without the need for an approval; the other is that their access is awaiting approval. If approvers don't approve on time, your scheduled access will be delayed.
Expiring Accessβ
A user's access is currently active in Apporetum but will be expiring soon.
Expired Accessβ
A user that used to have active access in Apporetum but the access is expired now.
Account Typeβ
Account types are classifications of user accounts that can be used to segment users within a data source. For instance, if your data source has a large set of user accounts and you only want to show the enabled accounts within Apporetum, you would create an account type by specifying this criterion so that only the required accounts are pulled into Apporetum and the rest are excluded.
The definition of two account types are below:
Orphaned Accountβ
Accounts that are orphaned to Identities in this Data Source.
Excluded Accountβ
Accounts that exist in Apporetum but are not a member of an Account Type.