We’re going to break this down into sections for ease of use with the high points of our features. We’ll first start as an admin on the portal and go through all that encompasses Evo.

• Tenant (customer) features
  • Directories
  • Users
  • Keys
  • Devices
  • Integrations
  • Onboarding
  • Activity
• Professional Services
  • Rules
  • Privileged Access Management
  • White Labeling
• Profile Menu
  • Profile 
  • Billing & Licenses 

Tenant (customer) features

Under a tenant is where all the magic of the app takes place!

This is where you’ll configure each tenant according to their own unique details and access needs.

Directories 

Evo provides the ability to connect to your existing directory to sync your users. Or create an Evo Cloud directory.

Third party directories sync once every 10-minutes. If a new user is added, or existing user modified, when it appears updated/connected to Evo will depend where in the 10-minute cycle the sync is.

Find out more

• How do I add, edit, or delete a directory?
• Sync with On-Prem Active Directory (LDAP)
• Sync with Azure Active Directory (AD)
• Sync with Azure Active Directory (AD) in one-click
• Sync with Google Workspace 

Troubleshooting

• How do I troubleshoot issues with the Evo LDAP agent?

Best practice(s)

• Changing an existing users email address. 
  • Rather than changing the email address on the user profile, add an alias. 
  • The change in the email address will be considered a brand-new user that must be synced, which means the user will need to scan a new Evo QR code for authentication. 

Users 

Users are added to your tenant in one of two ways – the first being via a sync from a configured directory, such as Google Workspace, or Active Directory. The second is by adding the user manually into Evo. 

Find out more

• How do I add an Evo Cloud user?
• How do I manage my users?
• How do I convert user types?
• How do I manage users from a directory sync?
• How do I manage my user licenses?

Best practice(s)

• Minimum of two (2) active users with type Admin. This helps to ensure that you have the appropriate coverage in the event something happens – one is locked out, away on vacation, etc. 

Keys 

Managing your hardware keys with Evo has never been easier. Hardware keys can be added one-at-a-time, or in bulk via a CSV file.

Before you upload the keys, all users to be assigned a key must have an Evo account. If the user doesn’t exist be sure to add them as an Evo Cloud user or connect them with your directory of choice (Active Directory (On-Prem or Azure), or Google Workspace).

This view will also show you all the Evo QR codes that have been scanned into the Evo Secure Login mobile app by your users. Like a hardware key, you can enable, disable, or delete a scanned QR code, which will disassociate it from the user and require them to scan a new code for future authentication.

Find out more

• Does Evo support hardware keys?
• How do I add keys?
• How do I disable, enable, or delete keys? 

Devices 

If you suspect, there is an unknown device you can either disable the device or delete it. If disabled, and you find it is a valid device, you can always re-enable it for continued use.

Find out more

• View user devices
• How do I disable, enable, or delete user devices?

Integrations  

Integrating your toolset with Evo is a perfect way to have a single tool to manage your identity and access management.

We’re always adding new integrations. If there is an integration that you use but don’t see listed, you can use Integrating Evo with SAML web app for the standard detail.

Otherwise, let us know what we’re missing that would be of value to you. We’ll be happy to add it to our ideas board for future implementation.

Find out more

• What SAML integrations are available?
  
  • Integrating with Auvik
  • Integrating with Domotz
  • Integrating with Dropbox
  • Integrating with IT Glue
  • Integrating with Liongard
  • Integrating Evo with SAML web app
  • Integrating with Salesforce
• What desktop or server integrations are available?
  • Integrating Evo with Windows Desktops

Onboarding 

Email campaigns are great ways to remind your users to complete their user registration and set up multi-factor authentication (MFA).

You can create as many or as little emails within this campaign but be sure to select the date and times individually, at the very least 5-minutes apart.  We currently do not allow the ability to modify the email body – if you have concerns, do please contact us.

Find out more

• How do I add, edit, or delete email campaigns?
• How do I edit, or delete completed email campaigns?

Activity

There are two ways to see the authentication activity for your users. Here we’re going to review the authentication table.

Authentication activity shows you a complete list of the recent successful and failed login attempts by users.

In the table you’ll see such detail as; the users email address, type of request, result (success/fail), date and time of the activity, the tenant they attempted to log into, and the IP address the attempt was made.

Find out more

• How do I see authentication activity?
• Can I see a map of where my users are logging in from?

Professional Settings 

The professional settings portion of the web-app is where our Rules, Privileged Access Management (Restrictions, Permissions, Elevated Access) and White labelling features can be figured. Check it out!

Rules 

Rules are a great way to restrict access or define temporary single sign-on requirements for your SAML enabled web applications that have been integrated with Evo.

When applying a rule, it is applied globally, and will apply to all clients and users.

Find out more

• Understanding Rules
• How do I edit, or delete rules?
• How do I block IP addresses – by country?
• How do I block IP addresses?
• How do I add a rule for single sign-on (SSO) expiration?

Privileged Access Management

Need to control user tenant restrictions, granular permissions, or elevated access possibilities. Look no further. 

Do note, only users with the type of Admin can have tenant restrictions applied, a granular permission group associated, or be granted elevated access.

Be careful when using these features, as you can accidentally lock your own user out of sections of the portal depending on what access roles you apply.

Find out more

Privileged Access Management is broken down into three (3) main areas.

• Tenant Access Permissions
  • How do I manage my tenant access permissions?
• Granular Admin Permissions with Evo
  • How do I add, edit, or delete granular permission groups? 
• Elevated Access
  • Does Evo support password rotation?
  • How do I add a new shared account?
  • How do I disable, enable, or delete shared accounts?
  • How do I enable, or disable password rotation?
  • How do I add a new elevated assignment?
  • How do I disable, enable, or delete elevated assignments?
  • Can I see the shared account passwords?

Tips

When creating the Elevated Access Group, take note of these key points: 

• Only admin users can currently elevate, and they must be given the access role “Can be elevated admin”. See How do I add, edit, or delete granular permission groups?
• The MSI package must be installed to accept Elevated logins. See Integrating Evo with Windows desktops. 

White Labeling

By default, when you sign up for an Evo account, the theme is defaulted to the Evo logo and colors. You can upload your company logo and change the color scheme presented.

You company logo and selected colors will show up in the Evo web (user and admin) portals, and email notifications only. The settings are not applied to the Evo Secure Login mobile app.

Find out more

• How do I update the settings to match my company brand?

Profile Menu

The Profile Dropdown contains the settings and information you would expect to find about your user, as well as billing and help information.

Profile 

If you’ve lost, damaged, or are replacing your phone and are unable to login due to no OTP available. You’ll need another administrator to send you a welcome email with a QR Code attached, so you can log in.

If you’re an end-user, simply log into your Evo portal. On the user portal you’ll be presented with a QR Code for scanning. Scan the new code and follow the wizard. 

Find out more

• How do I register my device?

Billing & Licenses 

Subscriptions are easy with Evo, and fully in your hands, but if you need help or clarification of the subscription, don’t hesitate to contact our Sales team.

You must be an administrator of your Evo account to manage your subscription.

Find out more

• How do I subscribe to Evo?
• What are the different license types?
• How do I manage my payment information?
• How do I manage my licenses?
• Billing and licensing related graphs