Page tree




SAM Service Provider Administrator

Responsibilities

The Service Provider Administrators (SP Admins) are often referred to as application owners because they are responsible for managing access to the applications they administer. SP Admins have access to the Provider Administration tab, and can complete the following app management tasks:




Access the Provider Administration Tab 

SP Admins manage access to the applications they administer from the Provider Administration tab in SAM. The GIF below provides the view of the Provider Administration tab:




Approve User Access 

How can I approve access to applications individually or in multiples?

 Click here to view the steps.

User access requests can be accessed from the Approve link. Requests can be approved individually or in multiples. Follow the steps below to approve or deny requests:

Step 1.  Log into SAM at https://secureaccess.exostar.com.

Step 2.  Navigate to the Provider Administration tab, and click the Approve link.

Step 3.  Use search filters to locate specific requests. Select the value in the Filter Request By drop-down menu to view all, new, or pending requests. Select the value in the Search For drop-down menu to enter a user name, user ID, or organization information. Click Search.

Step 4.  Review search results. To approve or deny an individual access request, select the desired request by clicking the Request Id link. Follow the prompts, and click Approve to approve application access. Click Deny to deny application access.  

Step 5. To approve or deny multiple requests, select the desired requests by placing a check-mark in the box next to the Request ID link. From the Action drop-down menu, select the desired action: Approve Selected Requests or Deny Selected Requests, and click Apply.

You receive a confirmation message, and the users receive an email advising of approval.



Suspend or Reactivate User Access 

How can I suspend or reactivate a user's access to the applications I administer?

 Click here to view the steps.

Complete the steps below to suspend or reactivate user's access to applications:

Step 1.  Log into SAM at https://secureaccess.exostar.com.

Step 2.  Navigate to the Provider Administration tab, and click the View Users link.

Step 3.   From the drop-down menu, select the desired search option and enter value. Click Search.

Step 4.  Click the User ID link for the desired user.


To Suspend Access to Applications:

Step 1.  In the user’s profile, scroll to the bottom to locate the Application Settings section. Click Suspend next to the desired application.

Step 2.  A confirmation message displays. Click OK. The user’s account updates and their access to this application is now suspended. An updated status for the user displays.


To Reactivate Access to Applications:

Step 1.  In the user's profile, scroll to the bottom to locate the Application Settings section. Click Activate next to the desired application.

Step 2.  A confirmation message displays. Click OK.

Once a user becomes a Shared User, Sponsor Managed Org admins and MPAs are unable to suspend or reactivate access to non-sponsored applications. However, SP Admins can complete these tasks.



Reset Passwords and Security Questions 

How can I reset a permanents password and security questions for a user? 

 Click here to view the steps.

Follow the steps below to reset permanent passwords and security questions for users:

Step 1.  Log into SAM at https://secureaccess.exostar.com.

Step 2.  Navigate to the Provider Administration tab, and click the View Users link.

Step 3.  Locate the user, and click the User ID link.

Step 4. In the user’s profile, scroll to the bottom to locate the Application Settings section. Click Reset Permanent Password.

Step 5. A confirmation message displays, and an email is sent to the user’s email address. The email contains a system-generated password.

Once a user becomes a Shared User, Sponsor Managed Org admins and MPAs are unable to reset their permanent password.  However, SP Administrators can reset permanent passwords or resend activation email.



Resend Activation Email 

How can I resend activation emails? 

 Click here to view the steps.

Follow the steps below to resend the activation emails to users who failed to activate their SAM accounts:

Step 1.  Log into SAM at https://secureaccess.exostar.com.

Step 2.  Navigate to the Provider Administration tab, and click the View Users link.

Step 3.  Locate the user, and click the User ID link.

Step 4. In the user’s profile, scroll to the bottom to locate in the Application Settings section. Click Reset Activation Email.

A confirmation message displays.



Suspend or Reactivate Application Access for Organizations 

How can I locate an organization and either suspend or reactivate their access to the applications I administer?

 Click here to view the steps.

Follow the steps below to locate an organization and to suspend their access to the applications you administer:

Step 1. Log into SAM at https://secureaccess.exostar.com.

Step 2.  Navigate to the Provider Administration tab, and click the View Organizations link.

Step 3. Select the desired search filter, and enter a value into the search field. Click Search. If you leave the search field blank, the full list of organizations display.

Step 4. Click the Organization ID to view all organizational information, contacts, and administrators.


To Suspend Access to Applications:

Step 1. Scroll to the bottom of the Organization’s profile page, and click Suspend. You are prompted to confirm the Suspension: click OK.

Step 2. The confirmation message displays.


To Reactivate Access to Applications:

Step 1. Scroll to the bottom of the profile to the Application Settings section, and click Activate. You are prompted to confirm the Activation: click OK.

Step 2. The confirmation message displays.



Turn on the Automatic Application Approval for Organizations 

What are the steps for getting an organization automatically approved for access to my applications?

 Click here to view the steps.

You can turn the automatic approval for access to applications for the organizations of your choice. To do so, simply add the organizations to the Approved List. After you add an organization to this list, users from this organization no longer need your approval to access applications you administer.


Follow the steps below to add or remove the organization from the Approved List:

Step 1. Log into SAM at https://secureaccess.exostar.com.

Step 2.  Navigate to the Provider Administration tab, and click the Approval Settings link.


To turn on the automatic application access approval for selected organizations, complete these steps:

Step 1. To add an organization to the approved list, enter the Organization ID. From the drop-down menu, select the application for which you would like to add the organization to the approved list. Click Add Organization.

Step 2. The page refreshes, now showing the organization on the approved list. You may add as many organizations as you wish to the approval list for each application.


To turn off the automatic application access approval for selected organizations, complete these steps:

Step 1. Use the search fields to locate the desired organization.

Step 2. Click the Remove link to remove of an organization from the approved list.



Turn Email Verification On/Off 

I want to protect my applications with additional email verification. How is it done?

 Click here to view the steps.

To check whether the Email Verification is on or off, complete the following steps:

Step 1. Log into SAM at https://secureaccess.exostar.com.

Step 2.  Navigate to the Provider Administration tab, and click the Approval Settings link to determine if Email Verification (Email OTP) is turned on or off for your applications. When the setting displays True, it means that Email OTP is turned on. When the setting displays False, Email OTP is turned off.

When Email Verification is turned on for an application, users need to enter an OTP code (it arrives via an email) in order to access the application. Email OTP is used in addition to any other security credentials (Phone OTP, Hardware OTP, or Exostar Mobile ID). Once it is off, users are no longer be required to enter an OTP code to access their application.

Email Verification, or Email OTP, can only be set or removed by Exostar. Contact Exostar Customer Support to enable this security measure for your applications.



Turn Email Restriction On/Off 

I want to restrict application access to specific user emails or email domains. How is it done?

 Click here to view the steps.

If Email Restriction is turned on for an application, SP Admins can add specific emails for existing SAM users and specific domains (for instance, company.com) to allow these users access specific applications. Users whose email addresses and domains are not listed, cannot access applications.


Follow the steps below to add approved email domains and addresses:

Step 1. Contact Exostar Customer Support to enable the Email Restriction option for your applications. You are notified once your request is complete. At this point, you can start adding Email Restriction. Complete steps 2 through 6 to add Email Restrictions.

Step 2. From the Provider Administration tab, click Application Settings, and then click the Application Name you are adding email restriction to.

Step 3. Enter allowed email domains and/or address in the Allowed Email Domains and Address field (for instance, firstname.lastname@domain.com).  You can enter both domain and email address simultaneously. Please use commas to separate information. Please note you are unable to edit an existing email address for an active user. You must enter the modified email addresses or domains as new. 

Step 4. Scroll to the bottom of the page, and click Submit. You receive a success message.

Step 5. Email addresses or domains included in the list are able to access the application. Allowable email addresses and domains display in the Allowable Email Domains column. You can also view the complete list by clicking the Application Name.

NOTE: Email addresses or domains that have not been included receive an error message when trying to access the application.



Questions?
 If you have additional questions, review our SAM Administrator Guide.

How useful was this content?

Your Rating: Results: 1 Star2 Star3 Star4 Star5 Star 10 rates