Requirements
For a user to access the Admin Portal, they will need to:
- Have a license [see: How do I manage my users licenses]
- Be converted to an Admin user. [see: How do I convert user types]
- Have the proper Role Based Permissions. [see: Role-Based Permissions]
We’re going to break this down into sections for ease of use with the high points of our features. We’ll first start as an admin on the portal and go through all that encompasses Evo.
- Customer (tenant) features
- Directories
- People
- Keys
- Endpoints
- Applications
- Onboarding
- Activity
- Access
- Role-Based Permissions
- Customer Access
- Shared Accounts
- Elevated Access
- Policies
- Customization
- Profile Menu
- Profile
- Billing & Licenses
Customer (tenant) features
Under a customer is where all the magic of the app takes place!
This is where you’ll configure each customer according to their own unique details and access needs.
Directories
Evo provides the ability to connect to your existing directory to sync your users. Or create an Evo Cloud directory.
Third party directories sync once every 10-minutes. If a new user is added, or existing user modified, when it appears updated/connected to Evo will depend where in the 10-minute cycle the sync is.
Find out more
- How do I add, edit, or delete a directory?
- Sync with On-Prem Active Directory (LDAP)
- Sync with Azure Active Directory (AD)
- Sync with Google Workspace
Troubleshooting
Best practice(s)
- Changing an existing users email address.
- Rather than changing the email address on the user profile, add an alias.
- The change in the email address will be considered a brand-new user that must be synced, which means the user will need to scan a new Evo QR code for authentication.
People
People are added to your tenant in one of two ways – the first being via a sync from a configured directory, such as Google Workspace, or Active Directory. The second is by adding the user manually into Evo.
Find out more
- How do I add an Evo Cloud user?
- How do I manage my users?
- How do I convert user types?
- How do I manage users from a directory sync?
- How do I manage my user licenses?
Best practice(s)
- Minimum of two (2) active users with type Admin. This helps to ensure that you have the appropriate coverage in the event something happens – one is locked out, away on vacation, etc.
Keys
Managing your hardware keys with Evo has never been easier. Hardware keys can be added one-at-a-time, or in bulk via a CSV file.
Before you upload the keys, all users to be assigned a key must have an Evo account. If the user doesn’t exist be sure to add them as an Evo Cloud user or connect them with your directory of choice (Active Directory (On-Prem or Azure), or Google Workspace).
Find out more
Endpoints
If you suspect, there is an unknown device you can either disable the device or delete it. If disabled, and you find it is a valid device, you can always re-enable it for continued use.
Find out more
Applications
Integrating your toolset with Evo is a perfect way to have a single tool to manage your identity and access management.
We’re always adding new integrations. If there is an integration that you use but don’t see listed, you can use Integrating Evo with SAML web app for the standard detail.
Otherwise, let us know what we’re missing that would be of value to you. We’ll be happy to add it to our ideas board for future implementation.
Find out more
Onboarding
Email campaigns are great ways to remind your users to complete their user registration and set up multi-factor authentication (MFA).
You can create as many or as little emails within this campaign but be sure to select the date and times individually, at the very least 5-minutes apart. We currently do not allow the ability to modify the email body – if you have concerns, do please contact us.
Find out more
Activity
There are two ways to see the authentication activity for your users. Here we’re going to review the authentication table.
Authentication activity shows you a complete list of the recent successful and failed login attempts by users.
In the table you’ll see such detail as; the users email address, type of request, result (success/fail), date and time of the activity, the tenant they attempted to log into, and the IP address the attempt was made.
Find out more
Access
The Access portion of the web-app is where our Role-Based Permissions, Customer Access, Shared Accounts, and Elevated Access features reside. Check it out!
Policies
Policies are a great way to restrict access or define temporary single sign-on requirements for your SAML enabled web applications that have been integrated with Evo.
When applying a rule, it is applied globally, and will apply to all customers and users.
Find out more
- Understanding Policies
- How do I edit, or delete rules?
- How do I block IP addresses – by country?
- How do I block IP addresses?
- How do I add a rule for single sign-on (SSO) expiration?
Access Manager
Need to control user customer restrictions, role-based permissions, or elevated access possibilities? Look no further.
Do note, only users with the type of Admin can have customer restrictions applied, a role-based permission group, or be granted elevated access.
Be careful when using these features, as you can accidentally lock your own user out of sections of the portal depending on what access roles you apply.
Find out more
Access Management is broken down into four (4) main areas.
- Customer Access Permissions
- Role Based Permissions
- Shared Accounts and Elevated Access
- Does Evo support password rotation?
- How do I add a new shared account?
- How do I disable, enable, or delete shared accounts?
- How do I enable, or disable password rotation?
- How do I add a new elevated assignment?
- How do I disable, enable, or delete elevated assignments?
- Can I see the shared account passwords?
Tips
When creating the Elevated Access Group, take note of these key points:
- Only admin users can currently elevate, and they must be given the access role “Can be elevated admin”. See: How do I add, edit, or delete role-based permissions groups?
- The MSI package must be installed to accept Elevated logins. See: Integrating Evo with Windows desktops
Customization
By default, when you sign up for an Evo account, the theme is defaulted to the Evo logo and colors. You can upload your company logo and change the color scheme presented.
You company logo and selected colors will show up in the Evo web (user and admin) portals, and email notifications only. The settings are not applied to the Evo Secure Login mobile app.
Find out more
Profile Menu
The Profile Dropdown contains the settings and information you would expect to find about your user, as well as billing and help information.
Profile
If you’ve lost, damaged, or are replacing your phone and are unable to login due to no OTP available. You’ll need another administrator to send you a welcome email with a QR Code attached, so you can log in.
If you’re an end-user, simply log into your Evo portal. On the user portal you’ll be presented with a QR Code for scanning. Scan the new code and follow the wizard.
Find out more
Billing & Licenses
Subscriptions are easy with Evo, and fully in your hands, but if you need help or clarification of the subscription, don’t hesitate to contact our Sales team.
NOTE: You must be an administrator of your Evo account to manage your subscription.
Find out more