Exostar's Training Team offers bi-monthly Organization and Application Administrator training, live, via WebEx. Please see the MAG Webinars page for registration information, as well as training event dates.
Application Administrator Responsibilities
Application Administrators routinely perform these common application access tasks in Managed Access Gateway (MAG):
- Approve Terms & Conditions for applications
- Approve, deny, or suspend access to applications for users
- Request access to applications
- Manage E-mail Subscriptions (related to MAG administration)
Scroll to the sections below for the step-by-step instructions on how to perform these tasks. To view the Application and FIS Administrator guide, click here.
Manage Application Access
Accept Terms and Conditions
Step 1. Log into your MAG account. From your MAG Dashboard, find the application and click Agree to Terms.
Step 2. Click Continue to view the Terms and Conditions.
Step 3. Review the Terms and Conditions. Check the box I have read and agree to these terms and conditions. Click Next.
NOTE: Once you receive the confirmation message, users within your organization can request access to the application.
Approve or Deny Application Requests
Step 1. Log into your MAG account, from the Dashboard click the Registration Requests tab.
Step 2. Click Authorize Application.
Step 3. If there are pending requests, the user's application request displays. Click the hyperlinked Request ID.
Step 4. Review the information and click Next.
Step 5. Select Approve or Deny from the drop-down menu. If denying, you are required to enter comments.
Step 6. Click Next.
Request Application Access
Step 1. Log into your MAG account, from the Dashboard, click the Administration tab.
Step 2. Click the Subscribe to Application button next to the desired application.
NOTE: The request routes to Exostar for approval. It can take up to 48 business hours to process. If approved, the Organization Steward, Organization Administrator or Application Administrator for the application must accept Terms and Conditions before users can request access to the application.
Suspend Application Access
Step 1. Log into your MAG account, click the Administration tab.
Step 2. Click View User tab, then search for the user, and click user ID link to open user’s profile.
Step 3. Under Application Settings, click Suspend next to desired application.
Step 4. Select suspension reason in pop-up window. Click Suspend.
Email Subscription Management
Email Subscription Management provides the ability for Application Administrators to disable certain email notifications such as profile updates, email updates, or user registration notifications. To manage email subscriptions:
Step 1. Log into your MAG account.
Step 2. Click the Profile Menu (your name at the top, right corner) and select Email Settings.
Step 3. Select email notifications you want to turn on or off.
Step 4. Click Submit.
Responsibilities of FIS Administrators
FIS Administrators perform these common tasks in Managed Access Gateway (MAG):
- Authorize FIS requests from users
- Revoke FIS certificates for users within their organization
- Upgrade their organization from FIS BLOA to FIS MLOA
Scroll to the sections below for the step-by-step instructions on how to perform these tasks.
You require the FIS Administrator role to approve FIS requests. To approve FIS requests:
Step 1. Log into your MAG account. From the Dashboard, click Registration Requests.
Step 2. Click Authorize FIS. Any pending requests display.
Step 3. Click the Request ID. The user's information displays.
Step 4. Review the user's information. Please verify the user's ID, first and last name matches their legal name. Also verify the email address is valid (public email addresses such as Hotmail, Gmail, etc. are not allowed).
NOTE: For example, Patrick Starr is a match for starrp_8036. If the request displays a first and last name of Patrick Starr but the user id is doej_1234, the request must be denied. Additionally, ensure the user registered a business domain email address. For MLOA Certificates, ensure the user’s first and last name matches their proofing appointment identity documents. If an account is non-compliant, users need to work with their Organization Administrator to obtain a new account.
Step 5. You can modify the following fields if the user entered incorrect information:
- Partner/Application that requires the digital certificates.
- Certificate Assurance Level: Basic (BLOA), Medium (MLOA), or Unknown.
- Certificate Usage: Only displays if user selects Basic.
- Certificate Type: Software, Hardware, or Unknown.
- Certificate Validity Period: 1 or 3 years. One year is only available for Basic.
- Request Reason: Reason why user requires certificates.
NOTE: Required fields are marked with an asterisk.
Step 6. From FIS Administrator Action, select Approve or Deny. If denying, you are required to enter comments. Click Next.
Step 7. If approving a BLOA certificate request, the user receives an email with installation instructions. If approving MLOA certificates, the request is routed to Exostar for purchase review and proofing dispatch.
FIS Administrators can revoke certificates for users within their organization. Once certificates are revoked, they can no longer be used. New certificates require purchase.
Step 1. Log into your MAG account.
Step 2. Go to the Administration tab. Click View Users.
Step 3. Complete user search. From results, click the hyperlinked User ID.
Step 4. Scroll to the Certificates section. Click Revoke.
Step 5. Select the certificates you are revoking. You are required to select a revocation reason and enter comments. Click Submit.
Step 6. You receive a Certificate Revocation Request form. Click Sign.
Step 7. A signing page displays. Enter your MAG password in the Passcode field. Click Sign.
Step 8. Click Done (located in the lower, right corner of the page).
- Users can revoke their own certificates at any time.
- You should revoke a user’s certificates if you believe the security of those certificates have been compromised in any way.
- You should revoke a user’s certificates if they are no longer employed with your organization.
- Revocation of certificates is a permanent action. (i.e. there is no way to recover those certificates and the user must reapply should they need those certificates).
Upgrade Organization to FIS MLOA
If your organization is subscribed to the Basic Level of Assurance (BLOA) Digital Certificate Service, but your users require the Medium Level of Assurance (MLOA) Digital Certificates, please contact your Organization Administrator for assistance. They can request an upgrade for FIS MLOA.