Add Aperture Administrators
Initially, to create new administrator accounts on the local database on the Aperture service, you must be logged in as the administrator with the Super Admin role, which is the role assigned to the user specified in the order fulfillment email. With the Super Admin role, you can create additional administrator accounts, assign administrator roles and create teams.
As an admin of a team, you can create other admin accounts with access to the SaaS applications assigned to your team but only a Super Admin role can create other Super Admin accounts. You do not need to create administrator accounts for end users who use the application to create or share content within each SaaS application.
- Select SettingsAdmin Accounts and Add Administrator.
- Enter the Name and Email address of the new administrator.
- Choose an Authentication Type:
- Local Authentication— You can select Configure Google Multi-Factor Authentication (MFA) to grant admin access only after successfully presenting a passcode pair or QR barcode as evidence (additional factor) to authenticate to the Aperture service. If you enable MFA on the Aperture service, all administrator accounts included the local database will be required to provide the additional factor to log in.
- Single Sign-On (SSO)—SAML SSO authentication enables you to grant admin access with seamless authentication using a single set of credentials. This option eliminates the need for application or service specific passwords. Configure SAML Single Sign-On (SSO) Authentication to activate this option. If you enable SSO, you do not have to create administrator accounts on the local database.
- Select the administrative Role:
- Super Admin—A read-write administrator account that allows full functionality within the Aperture service, including global account settings, creating administrator accounts, and assigning administrator roles.
- Admin—A read-write administrator account that allows full functionality within the Aperture service, including the ability to automatically or manually remediate risks and create additional administrator accounts.
- Limited Admin—An administrator account that allows the administrator to assess incidents and remediate risks. This administrator cannot access the Aperture service settings or modify policy rules.
- Read Only—An administrator account that allows the administrator to view information collected by the Aperture service and generate reports but does not allow the administrator to make changes. For example, this administrator can access incidents, but cannot remediate risks.
- Custom Role—An administrator account with custom permissions to allow specific management tasks that meet your organizational needs.
- Select the Team to assign the
administrator to.If you have not created any custom teams, assign the administrator to the predefined All Apps team.
- Select the default Language for the new administrator.
- Save your changes.To verify the role associated with administrator, search using the email address.You can also download a csv file to view the complete list of all administrative users configured on the Aperture service.
New Features Introduced in December 2016
New Features Introduced in December 2016 The following topic provides a snapshot of new features introduced for Aperture™ in December 2016. Refer to the Aperture ...
Manage Aperture Administrators
Add Aperture administrators, manage authentication, create admin teams, and view activity on the Aperture service. ...
Create Aperture Teams
Create Aperture Teams (Beta) As a Super Admin, you can create a team to group cloud apps and restrict admin access to cloud app, incidents ...
Configure SAML Single Sign-On (SSO) Authentication
Configure SAML Single Sign-On (SSO) Authentication By default, the Aperture service uses local (database) authentication which requires you to create Aperture sign in accounts for ...
Reset Administrator Authentication
Reset Administrator Authentication As an Aperture Super Admin , you can reset the Authentication settings for any account except your own. To change your Authentication ...
Begin Scanning a Cisco Webex Teams App
Begin Scanning a Cisco Webex Teams App The Aperture service scans messages and files shared on spaces within the Cisco Webex Teams app. To begin ...
Role-Based Access Control
Role-Based Access Control Role-based access control (RBAC) enables you to define the privileges and responsibilities of administrative users (administrators). Every administrator must have a user ...