Version: Angophra

Terminology

App

An Apporetum application (app) is a grouping of App Roles that secure and govern account access to your directory groups and business applications. Apporetum apps enforce a business-focused management framework to provide business-driven governance over access to applications without the need for continuous IT involvement. Each application is specifically connected to one Data Source and controls the access of related accounts to that Data Source.

App Role

App Roles are owned by an Apporetum app and are a single resource to which a user can be given access. Resources, depending on the Application's Data Source, can range from a group membership, an Entra ID (formerly Azure Active Directory) App Role assignment or a virtual assignment. Each App Role provides a set of governance functionality to enable IT to enforce who may gain access to a resource and for how long.

App Member

Users who have been added to an Apporetum app and assigned an app role. In addition to Apporetum, app members have access to the App resources.

App Manager

Click here to view more

Apporetum Admins

Click here to view more

Data Source

A data source refers to a system, database, or repository that contains information about users, their attributes, roles, and access entitlements. In Apporetum, when we talk about a data source, we specifically refer to Entra ID (formerly Azure Active Directory), OnPrem AD (Active Directory) or CSV.

Trusted Parties

Trusted parties allow you to add an external partner, who is in a trusted work relationship with your organisation, into Apporetum as a guest.

Integration

Integrations enable your organisation to integrate business processes into Apporetum. They enable automation and empower your bespoke needs to be met. Currently, Apporetum supports a range of activities around retrieving application information, managing user access and managing CSV Applications.

Access

Different access terminologies that we use in Apporetum are as follows:

Scheduled Access

A user has been scheduled for access to Application apps. The user's access activation date is the scheduled date. There are two situations, one is that your access will be activated on the scheduled access date without the need for an approval; the other is that your access is awaiting approval. If approvers don't approve on time, your scheduled access will be delayed.

Expiring Access

A user's access is currently active in Apporetum but will be expiring soon.

Expired Access

A user that used to have active access in Apporetum, but the access has now expired.

Account Type

Account types are classifications of user accounts that can be used to segment users within a data source. For instance, if your data source has a large set of user accounts and you only want to show the enabled accounts within Apporetum, you would create an account type by specifying this criterion so that only the required accounts are pulled into Apporetum and the rest are excluded.

The definition of two account types are below:

Orphaned Account

Accounts that are orphaned from Identities in this Data Source.

Excluded Account

Accounts that exist in Apporetum but are not a member of an Account Type.

App​

App Role​

App Member​

App Manager​

Apporetum Admins​

Data Source​

Trusted Parties​

Integration​

Access​

Scheduled Access​

Expiring Access​

Expired Access​

Account Type​

Orphaned Account​

Excluded Account​

App