Evo for Dummies! The Admin Portal Follow
We’re going to break this down into sections for ease of use with the high points of our features. We’ll first start as an admin on the portal and go through all that encompasses Evo.
Tenant (customer) features
Under a tenant is where all the magic of the app takes place!
This is where you’ll configure each tenant according to their own unique details and access needs.
Directories
Evo provides the ability to connect to your existing directory to sync your users. Or create an Evo Cloud directory.
Third party directories sync once every 10-minutes. If a new user is added, or existing user modified, when it appears updated/connected to Evo will depend where in the 10-minute cycle the sync is.
Find out more
- How do I add, edit, or delete a directory?
- Sync with On-Prem Active Directory (LDAP)
- Sync with Azure Active Directory (AD)
- Sync with Azure Active Directory (AD) in one-click
- Sync with Google Workspace
Troubleshooting
Best practice(s)
- Changing an existing users email address.
- Rather than changing the email address on the user profile, add an alias.
- The change in the email address will be considered a brand-new user that must be synced, which means the user will need to scan a new Evo QR code for authentication.
Users
Users are added to your tenant in one of two ways – the first being via a sync from a configured directory, such as Google Workspace, or Active Directory. The second is by adding the user manually into Evo.
Find out more
- How do I add an Evo Cloud user?
- How do I manage my users?
- How do I convert user types?
- How do I manage users from a directory sync?
- How do I manage my user licenses?
Best practice(s)
- Minimum of two (2) active users with type Admin. This helps to ensure that you have the appropriate coverage in the event something happens – one is locked out, away on vacation, etc.
Keys
Managing your hardware keys with Evo has never been easier. Hardware keys can be added one-at-a-time, or in bulk via a CSV file.
Before you upload the keys, all users to be assigned a key must have an Evo account. If the user doesn’t exist be sure to add them as an Evo Cloud user or connect them with your directory of choice (Active Directory (On-Prem or Azure), or Google Workspace).
This view will also show you all the Evo QR codes that have been scanned into the Evo Secure Login mobile app by your users. Like a hardware key, you can enable, disable, or delete a scanned QR code, which will disassociate it from the user and require them to scan a new code for future authentication.
Find out more
Devices
If you suspect, there is an unknown device you can either disable the device or delete it. If disabled, and you find it is a valid device, you can always re-enable it for continued use.
Find out more
Integrations
Integrating your toolset with Evo is a perfect way to have a single tool to manage your identity and access management.
We’re always adding new integrations. If there is an integration that you use but don’t see listed, you can use Integrating Evo with SAML web app for the standard detail.
Otherwise, let us know what we’re missing that would be of value to you. We’ll be happy to add it to our ideas board for future implementation.
Find out more
Onboarding
Email campaigns are great ways to remind your users to complete their user registration and set up multi-factor authentication (MFA).
You can create as many or as little emails within this campaign but be sure to select the date and times individually, at the very least 5-minutes apart. We currently do not allow the ability to modify the email body – if you have concerns, do please contact us.
Find out more
Activity
There are two ways to see the authentication activity for your users. Here we’re going to review the authentication table.
Authentication activity shows you a complete list of the recent successful and failed login attempts by users.
In the table you’ll see such detail as; the users email address, type of request, result (success/fail), date and time of the activity, the tenant they attempted to log into, and the IP address the attempt was made.
Find out more
Professional Settings
The professional settings portion of the web-app is where our Rules, Privileged Access Management (Restrictions, Permissions, Elevated Access) and White labelling features can be figured. Check it out!
Rules
Rules are a great way to restrict access or define temporary single sign-on requirements for your SAML enabled web applications that have been integrated with Evo.
When applying a rule, it is applied globally, and will apply to all clients and users.
Find out more
- Understanding Rules
- How do I edit, or delete rules?
- How do I block IP addresses – by country?
- How do I block IP addresses?
- How do I add a rule for single sign-on (SSO) expiration?
Privileged Access Management
Need to control user tenant restrictions, granular permissions, or elevated access possibilities. Look no further.
Do note, only users with the type of Admin can have tenant restrictions applied, a granular permission group associated, or be granted elevated access.
Be careful when using these features, as you can accidentally lock your own user out of sections of the portal depending on what access roles you apply.
Find out more
Privileged Access Management is broken down into three (3) main areas.
- Tenant Access Permissions
- Granular Admin Permissions with Evo
- Elevated Access
- Does Evo support password rotation?
- How do I add a new shared account?
- How do I disable, enable, or delete shared accounts?
- How do I enable, or disable password rotation?
- How do I add a new elevated assignment?
- How do I disable, enable, or delete elevated assignments?
- Can I see the shared account passwords?
Tips
When creating the Elevated Access Group, take note of these key points:
- Only admin users can currently elevate, and they must be given the access role “Can be elevated admin”. See How do I add, edit, or delete granular permission groups?
- The MSI package must be installed to accept Elevated logins. See Integrating Evo with Windows desktops.
White Labeling
By default, when you sign up for an Evo account, the theme is defaulted to the Evo logo and colors. You can upload your company logo and change the color scheme presented.
You company logo and selected colors will show up in the Evo web (user and admin) portals, and email notifications only. The settings are not applied to the Evo Secure Login mobile app.
Find out more
Profile Menu
The Profile Dropdown contains the settings and information you would expect to find about your user, as well as billing and help information.
Profile
If you’ve lost, damaged, or are replacing your phone and are unable to login due to no OTP available. You’ll need another administrator to send you a welcome email with a QR Code attached, so you can log in.
If you’re an end-user, simply log into your Evo portal. On the user portal you’ll be presented with a QR Code for scanning. Scan the new code and follow the wizard.
Find out more
Billing & Licenses
Subscriptions are easy with Evo, and fully in your hands, but if you need help or clarification of the subscription, don’t hesitate to contact our Sales team.
You must be an administrator of your Evo account to manage your subscription.
Comments
0 comments
Please sign in to leave a comment.