Page tree




SAM Organization Administrator

Responsibilities

Organization Administrators (Org Admins) routinely perform these common tasks in Secure Access Manager (SAM):




Tabs for Org Admins

There are two tabs in SAM Org Admins use to complete their administrative duties: the Administration and Registration Requests tabs. The absolute majority of admin duties can be completed from the Administration tab. The links on the left are clickable. The GIF below offers the view of your SAM account from the Administration and Registration Requests tabs: 



Accept Terms and Conditions

How can I accept Terms and Conditions for applications?

To accept Terms and Conditions, complete the steps below:

Step 1.  Log into the Exostar SAM Platform at https://secureaccess.exostar.com.

Step 2.  Under the Home tab, click the View Service Agreement link (it displays next to the applications). 

Step 3.  After reviewing the agreement, and click I Agree to accept it. You receive the Service Agreement confirmation message.




Add New Users 

Add Single User

How can I create a single new user account in SAM?

Step 1.  Log into the Exostar SAM Platform at https://secureaccess.exostar.com.

Step 2.  Navigate to the Administration tab, and click Add New User. A password message displays, but the password is not required for this action.

Step 3. In the Add New User section, complete all required fields (marked with the red asterisk).

Step 4.  In the Application Settings section, select a Role for the new user.

NOTE: The choices include: User, Organization Admin, Application Admin, and both Organization Admin and Application Admin.

Step 5.  Select the applications users should have access to, and click Continue.

NOTE: If the Application Administrator or Organization Administrator & Application Administrator role is assigned, you must also designate the applications this user is authorized to administer. By default, the Application Administrator role is disabled for most applications.

Step 6.  Review and verify the information you entered. Click Modify to make any changes or Cancel to cancel this transaction. Click Submit.

Self-Registration

How can I add users via self-registration?

You can ask new users to self-register for a SAM Platform account. Ask them to access self-registration at https://secureaccess.exostar.com/userRegistration. Please note you need to provide your users with the Org ID for your company, in order for them to proceed through self-registration. After the user registers, you receive the email verification about a pending user request.


Follow these steps to approve the user:

Step 1.  Log into Exostar SAM Platform at https://secureaccess.exostar.com.

Step 2.  Navigate to the Registration Requests tab, and access the Verify link to view the list of pending requests.

Step 3.  Click the Request ID link for the request you would like to approve.

Step 4.  Review the User Registration Request information, including the Products & Services access request. Click Next.

Step 5.  Complete all required fields, and click Next. If you select Deny, you are required to enter Comments to explain your reasons for denial.

Step 6.  The Confirmation page displays, confirming the user’s active SAM status.



Manage Existing Users 

Locate and Modify Users

How can I locate users and modify their profiles? 

Step 1.  Log into Exostar SAM Platform at https://secureaccess.exostar.com.

Step 2.  Access the Administration tab on the Exostar SAM Platform portal. Click View Users.

Step 3.  Use filters to narrow your search, or view the complete list of users in your Organization by clicking Search.

Step 4.  All search results display. Click the User ID to access the user’s profile information.

Step 5. Make changes in User Profile section, and click Continue.

NOTE: In the User Profile section, you can update any field, except for User ID, Role, Org Name, and Org ID. In the Application Settings section, you can update a user’s role, access to applications, and access to SAM. You can also reset the user’s one-time password.

Step 6.  Verify the changes. You can click Modify to go back and make further changes, or Cancel to go back to the Search page. Click Submit.


The Modify Email option allows you to update a user’s email address. After an Org Admin modifies the email address, the user receives an email with the activation code and steps for activating their new email address. The new email address is not reflected in Exostar SAM Platform until the user completes the activation process. However, this feature does not work with SSO/EAG users.  SSO/EAG users who need to update their email, must contact their Corporate Helpdesk. Also, Admins of a Sponsor-Managed Org cannot update user profiles once a user becomes “Shared,” or subscribed to at least one non-sponsor application.


Resend Activation Email

How can I resend the activation emails to a user?

Organization or Service Provider Administrators can resend the Activation Email for inactive users from the Application Settings section of the User Details page. Locate the user and access their profile page by following the steps above. Then complete these steps:

Step 1.  Log into Exostar SAM Platform at https://secureaccess.exostar.com.

Step 2.  Access the Administration tab on the Exostar SAM Platform portal.

Step 3.  Click View Users, and use filters to narrow your search. Click Search.

Step 4.  Click the User ID to access the user’s profile information.

Step 5.  If a user account has an Inactive status, scroll down to the Application Settings, and click Resend Activation Email.

Step 6.  A confirmation page displays. Click Submit to resend the email.


Suspend, Reactivate, and Delete User

How can I suspend, reactivate, or delete a company's SAM user?

Step 1.  Log into Exostar SAM Platform at https://secureaccess.exostar.com.

Step 2.  Access the Administration tab on the Exostar SAM Platform portal.

Step 3.  Click View Users, and use filters to narrow your search. Click Search.

Step 4.  Click the User ID to access the user’s profile information.

Step 5.  Scroll down to the Application Settings, and click one of these buttons: Suspend User Access or Delete User. A confirmation page displays.


Sponsor Managed Organization Administrators and MPAs cannot permanently delete Shared Users Exostar SAM Platform accounts.



Manage Application Access 

Subscribe Company to Application

How can I subscribe my company to a new application?

To subscribe your organization to an application, complete the steps below:

Step 1.  Log into Exostar SAM Platform at https://secureaccess.exostar.com.

Step 2.  Access the Administration tab on the Exostar SAM Platform portal, and click the Subscribe to Application link on the left.

Step 3. Complete the Administrator Information page, or select an existing administrator from the drop down list. Click Next.

Step 4. Confirm the administrator selection and information. Click Next, and receive your confirmation with a reference number.


Please note most applications in SAM require an invitation. If you do not see the desired application, contact Exostar Customer Support .


Suspend, Edit, and Reactivate Application Access

How can I suspend, edit, and reactivate application access for users?

Step 1.  Log into Exostar SAM Platform at https://secureaccess.exostar.com.

Step 2.  Access the Administration tab on the Exostar SAM Platform portal.

Step 3.  Click View Users, and use filters to narrow your search. Click Search.

Step 4.  Click the User ID to access the user’s profile information.

Step 5.  Scroll down to the Application Settings. Click Suspend next to the appropriate application to suspend access to it. Click Edit to modify the subscription period for the application. 

Step 6.  Click Continue. A confirmation page displays. The user status changes to Inactive.

Step 7.  Return to the user’s profile page. The Application Settings section shows the user’s status as Suspended. To reinstate access to the application, click Activate. A confirmation page displays.


Sponsor Managed Organization Administrators and MPAs cannot suspend, edit, or reactivate non-sponsored applications on Shared Users Exostar SAM Platform accounts. However, Service Provider Administrators can suspend, reactivate, or edit access.




Manage Users and Access in Batch

Add Users in Batch

How can I upload multiple users simultaneously (in batch)?

To complete a batch action, download and fill out our SAM User Upload Template. For the template instructions, consult the SAM Administrator Guide (appendix A). Create a CSV file that contains user and organization information. When applicable, include the R-IDP User ID. R-IDP provisions enterprise users directly, using enterprise credentials.


Follow the steps below to add users via the User Upload link:

Step 1.  Log into the Exostar SAM Platform at https://secureaccess.exostar.com.

Step 2.  Navigate to the Administration tab, and click the User Upload link.

Step 3.  Click Pick a file. Navigate and select the desired file. Click Upload.

Step 4.  Using the drop-down menu, select the Onboarding Sponsor.

NOTE: The selection affects the branding, help links, and content specific to that sponsor.

Step 5.  After selecting the file and onboarding sponsor, click Validate. The system examines the file. If the system detects errors, they display on the screen, marked with a red X. User information with errors will not be processed. Please correct the errors, and re-upload the file.

Step 6.  Click Commit to upload the users. The system creates new accounts, and sends emails to users informing them about their new SAM accounts.


If users are created with the Defer E-emails option enabled, no first time login emails are sent to these users. Depending on what type of user is created in the .csv file (username/password vs. SSO user), there are two options to enable the users:
  1. Username/Password users: Use the Resend Activation Email link from within the user profile, or use the Batch Activation Email option to resend the activation email to multiple users.
  2. SSO/Federated/EAG users: There is no option to retrigger login emails for SSO users. Instead, instruct the users to go to the Exostar SAM Platform Login Page (https://secureaccess.exostar.com), and to enter their email address or User ID. Exostar SAM Platform will then link the user to the proper R-IDP.

If the R-IDP User ID is specified for the user, the system shall link that user to the organization’s R-IDP using the specified R-IDP User ID. Instruct the user to go to the Exostar SAM Platform Login page and enter their email address or user ID. User not uploaded with an R-IDP ID will receive the Account Activation email.


Subscribe Users to Applications in Batch

How can I subscribe multiple users to an application?

Org Admins may choose to provision existing user accounts to a specific application in batch, using the Batch Subscription function. To complete this batch action, fill out the Batch Subscription Template. For the template instructions, consult the SAM Administrator Guide (appendix C). Fill out the template, and follow the steps below to complete this batch operation:

Step 1.  Log into Exostar SAM Platform at https://secureaccess.exostar.com.

Step 2.  Access the Administration tab on the Exostar SAM Platform portal, and click the Batch Subscription link on the left.

Step 3. Click Pick a file to locate the correct file. Click Upload to upload the file

Step 4. Select the application. Click Validate to proceed.

Step 5. A confirmation message displays. Click Commit to load user subscriptions.


If users have a green check-mark next to their name, it means they were granted access. Users with the red X mark next to their name were not processed due to errors: review the list of errors, and correct them to complete the upload.


Reset Inactive Accounts in Batch

How can I batch-resend activation emails to inactive users?

If there are multiple inactive users, Org Admins can reset their accounts by clicking the Batch Activation Email link. To complete this action, download and fill out the Batch Activation Email Template. Review the SAM Administrator Guide (Appendix D) for the instructions on this template. Upload the CSV file containing user UPNs (UserID@fis.evincible.com) to reset inactive accounts in bulk.


Follow the steps below to complete this action:  

Step 1.  Log into Exostar SAM Platform at https://secureaccess.exostar.com.

Step 2.  Access the Administration tab on the Exostar SAM Platform portal, and click the Batch Activation Email link on the left.

Step 3. Click Pick a file to locate the file containing user information. Click Upload to upload the file.

Step 4. Click Validate to proceed.

Step 5. A confirmation message displays. Click Commit to complete the reset.



Reset Passwords 

Reset User's Permanent Password and Security Questions

How can I reset a user's permanent password or security questions?

Step 1.  Log into Exostar SAM Platform at https://secureaccess.exostar.com.

Step 2.  Access the Administration tab on the Exostar SAM Platform portal.

Step 3.  Click View Users, and use filters to narrow your search. Click Search.

Step 4.  Click the User ID to access the user’s profile information.

Step 5.  To reset the user’s permanent password, click Reset Permanent Password. Click Reset Security Question to reset the user’s security question

The user receives an email with instructions on how to reset the permanent password and security questions.


Please be advised once a user becomes a Shared User, Sponsor Managed Org Admins and MPAs is unable to reset their password. SP Administrators can reset permanent password or resend the activation email.



Manage Org Details 

Update Email Domains

How can I update my company's allowed email domain(s)?

Org Admins can define allowed email domains for their company. If this filter is set, all existing users will need to conform to this standard. To define allowed domains for your company's users, complete the steps below:

Step 1.  Log into Exostar SAM Platform at https://secureaccess.exostar.com.

Step 2.  Access the Administration tab on the Exostar SAM Platform portal, and click the Update Organization link on the left.

Step 3. Enter email domains permitted for automatic provisioning (for example, exostar.org). Click Submit.

Step 4. If any existing users do not comply with the allowed email domains, you receive an error message. Correct the list of domains to include all current user domains, or modify user emails to comply with the new restriction.

Step 5. Click Submit.


Please be advised once a user becomes a Shared User, Sponsor Managed Organization Administrators and MPAs are unable to modify their SAM accounts.


Questions?
If you have additional questions, review our SAM Administrator Guide.

How useful was this content?

Your Rating: Results: 1 Star 2 Star 3 Star 4 Star 5 Star 14 rates