Page tree

SAM General FAQs

What Is SAM?

What is Exostar's Secure Access Manager (SAM)?

Exostar’s Secure Access Manager (SAM) Platform is a consolidated portal used for account registration, authentication, and management. The authentication gateway supports secure authentication, and provides access to applications and services hosted by Exostar and those managed by external entities. 

The objective of the SAM Platform is to consolidate registration processes for connecting partners and applications in a secure environment, while providing flexible management and invitation capabilities to application owners.

Why SAM?

What are the benefits of using SAM?

The SAM platform offers a number of benefits to organizations and users:  

  • Our platform extends the basic concept of web-based Single-Sign-On (SSO) to support the single sign-on location to multiple applications.
  • It supports authentication credentials of varying assurance levels.
  • It facilitates an organizational approach to registration, account management, and application access.  
  • It provides organizations with the tools to add new users and grant access to applications.

Types of Organizations in SAM

What types of organizations and users exist in SAM?

The Exostar SAM Platform hosts the following three types of organizations:

  • Organization-Managed Organizations
  • Exostar-Managed Organizations
  • Sponsor-Managed Organizations

Users in SAM can be regular or shared. Users from Sponsor-Managed Organizations can transform into “Shared Users” if they begin to access applications that do not belong to their sponsor.

Organization-Managed Organizations

What is an Organization-Managed Organization?

An Organization-Managed Organization in SAM refers to an organization that is responsible for managing itself. The Org Admin accepts the Terms and Conditions on behalf of the organization members. The organization manages and administers their own users. Org-managed-organization is the only model that will permit establishing SSO / Federated access for their users. To sum up, an Organization-Managed Organization will have these features:

  • It is self-managed
  • Organization is responsible for all users in the organization
  • Org Admin accepts T & Cs
  • Typically larger organizations with established IT expertise
  • Pre-requisite for establishing SSO / Federated connection

Sponsor-Managed Organizations

What is a Sponsor-Managed Organization?

A Sponsor-Managed Organization is an organization registered in Exostar’s SAM Platform and managed by the Sponsor.  Members of this organization are the responsibility of the Sponsor.

The Organization Administrator will accept the Terms and Conditions on behalf of the users within this organization. As long as users access sponsor applications exclusively, the Sponsor’s Admin will have full control over these users. However, once a user subscribes to a non-sponsor app, the sponsor’s admin will stop having full admin control over the user, but will continue administering their organization-specific applications. Shared Users will need to accept Terms and Conditions only once, after subscribing to their first non-sponsor application.

To sum up, a Sponsor-Managed Organization will have these features:

  • This organization is registered & managed by the Sponsor
  • The Sponsor is responsible for all non-sponsor users in the organization
  • Sponsor Org Admin/MPA accepts T & Cs for applications that belong to the Sponsor-Managed Organization
  • Users become shared once subscribed to a non-sponsor application

Exostar-Managed Organizations 

What is an Exostar-Managed Organization?

An Exostar-Managed Organization in SAM is an organization that is managed by Exostar.  Users within Exostar-Managed organizations accept user-level Terms and Conditions, but they only need to be accepted once. Adding additional applications will not require users to accept additional Terms and Conditions again.  This type of organization is intended for independent users of the system, who may not belong to a particular organization, and who may need access to multiple sponsor applications. For example, clinical investigators would belong to this type of organization. To sum up, an Exostar-Managed Organization will have all of the below features:

  • It will be registered and managed by Exostar
  • Users will accept T & Cs only once, after subscribing to their first application
  • Typically, it includes independent users who don’t belong to a particular organization
  • These users need access to multiple sponsor applications
  • Users need to be added to an organization by Exostar, the Sponsor Inviter API, or Adoption Module Administrator.

Shared Users

How do users become "shared"?

Users who are under a Sponsor-Managed Organization (SMO) have the ability to become Shared Users. Shared Users can access applications outside of their sponsored organization. Once users become shared, they will need to accept Terms and Conditions for the first application belonging to a different sponsor. If any additional non-sponsored applications are added, Terms and Conditions will not be required again.   

Once a user subscribes to a non-sponsor application, Organization Administrators and MPAs from the SMO will have only limited control over this user. For instance, they can no longer execute the following functions:

  • Make profile updates for Shared Users
  • Suspend/Enable Shared Users’ SAM accounts
  • Deactivate Shared Users’ SAM accounts
  • Suspend/Enable Organizations with any Shared Users (Applicable to MPAs only)
  • Delete Organizations with any Shared Users (applicable to MPAs only)

SAM Account Disabled

Why did my SAM account get disabled?

Inactivity on your account may result in the account being suspended or deleted. The following are some reasons why your account may get deleted or suspended:

  • Account activation not completed for more than 180 days – If you were invited to SAM and haven’t completed first time login (account activation) for your account within 180 days of account creation, your account will be deleted.  If your account is deleted, you will have to re-register for a SAM account.
  • Application access suspension – Each application can set the parameters for the number of days of inactivity that will lead to access suspension. If your application access is due for suspension in 30 days or less, each time you login to your Exostar SAM Platform account, you will be presented with a flash screen to remind you to access the application and the number of days to suspension. To ensure that you do not lose access to the applications you need, it is a good practice to login to your Exostar SAM Platform account regularly and access available applications.
  • Application access deletion – If your application access has been suspended for ‘x’ number of days as specified by the application owner, your access to the application will be deleted. You will be notified regarding this deletion 30 days in advance.
  • Active account deletion: If the last active application subscription is suspended, your SAM account will be suspended 30 days after the application suspension. You will be notified regarding this suspension 30 days in advance. Contact Exostar Customer Support for information on how to re-establish application access.

How useful was this content?

Your Rating: Results: 1 Star 2 Star 3 Star 4 Star 5 Star 15 rates