View Third-Party Plugin Users
Table of Contents
View Third-Party Plugin Users
Examine the users who installed third-party plugins or the workspaces on which
third-party plugins are installed.
If user information is supported by the SaaS marketplace app, you can examine the
users who installed third-party plugins to identify usage risks posed by individual
users. User information is not available for Atlassian or Zoom.
You can examine user information in
the following two ways:
- Across all marketplace apps from the 3rd Party Plugins page (). The Users tab on the 3rd Party Plugins page displays a table of all the users who have installed third-party plugins in marketplace apps.
- For one marketplace app instance, from the Users tab of the app's details page. The table on the Users tab lists the users who have installed third-party plugins in the marketplace app instance.
For more information about any of the third-party plugins, you can review the
information shown in the catalog of third-party
plugins.
View Third-Party Plugin Users Across All Marketplace Apps
Review the information on the 3rd Party Plugins page's Users tab to identify the
usage risks posed by individual users.
From the 3rd Party Plugins page's Users tab, you can view all the users who have
installed third-party plugins in marketplace apps. For each user you can view how
many plugins they have installed, and the marketplace applications in which they
have installed plugins. Use this information to identify usage risks posed by
individual users.
User information is not available for Atlassian and Zoom.
The 3rd Party Plugins page does not include user information for these marketplace
apps.
- Navigate to .Navigate to the Users tab to view plugin use across marketplaces by individual users.
![]()
The Email column identifies the email address of the user who installed the third-party plugin. The Name column identifies the user name, except for Slack. In Slack, plugins are installed to a workspace and are then accessible to all members of the workspace. For this reason, the Name column for a Slack application identifies the slack workspace.The Marketplaces column shows all the marketplace types to which the user has installed plugins. User information is not available for Atlassian and Zoom. If the user has installed plugins in one of these marketplace types, the Marketplace column does not show that information.Review the Users table for potential risky users. For example, you might want to review the users who have installed the most plugins, as shown in the Plugins column. To view all of the plugins that the user has installed, click on the user's email address in the Email column.Take action on the third-party plugin.From the Actions column, you can specify that you Reviewed the plugin and will allow its continued use. From the Actions column you can also, in some cases, Revoke Access to the plugin for all active users of the plugin. To revoke access for individual users, click on Plugin Name in the table and, in the Plugin Details panel, navigate to view the plugin's Users. Whether the Revoke Access action is available depends on the level of permission that SSPM has to the marketplace app, and on the capabilities that the marketplace app's API provides. If the Revoke Access action is not available, you can instead log in to the SaaS app's administration console, and follow its documentation to remove the plugin.View Third-Party Plugin Users for One Marketplace App
The Users tab shows the users who installed third-party plugins. Use this information to identify usage risks posed by individual usersIf supported by the SaaS marketplace app, you can examine the users who installed third-party plugins. This information will help you to identify usage risks posed by individual users. In Slack, plugins are installed to a workspace and are then accessible to all members of the workspace. For this reason, when viewing a Slack app, you can examine workspaces instead of users. User information is not available for Atlassian or Zoom. - Navigate to the third-party plugins for a marketplace app. Do one of the following:
- Navigate to the third-party plugins from the dashboard:
- Select , and locate the Applications by 3rd Party
Plugins area. This area shows the marketplace apps that
have the most unreviewed plugins. The area shows the number of
unreviewed plugins for each app.Investigate each unreviewed plugin to judge whether it threatens your organization's security.
- For the marketplace app whose third-party plugins you want to
review, click the Unreviewed Plugins
link.
![]()
- Select , and locate the Applications by 3rd Party
Plugins area. This area shows the marketplace apps that
have the most unreviewed plugins. The area shows the number of
unreviewed plugins for each app.
- Navigate to the third-party plugins for a marketplace app from the
Applications page.
- Select .
- Locate the SaaS app, then View Details.
- Select the Connected Applications tab.
Select the Users tab. For Slack, select the Workspaces tab.![]()
The table on this page lists the users or workspaces that have connected plugin applications. The table displays information for each plugin, such as the email address of the user or workspace owner, the number of connected applications for the user or workspace, and the number of connected applications by application severity.Click the table's download icon to export the table information to a CSV file.Select the name of the user or workspace whose third-party plugin usage you want to review.![]()
Take action on the third-party plugin.For example, from the Actions column you can Revoke Access for the user. Whether the Revoke Access action is available depends on the level of permission that SSPM has to the marketplace app, and on the capabilities that the marketplace app's API provides. If the Revoke Access action is not available, you can instead log in to the SaaS app's administration console, and follow its documentation to remove the plugin. - Navigate to the third-party plugins from the dashboard:
