User Administration Overview

About the Bizverse

The Bizverse is a controlled, Cloud-based community that allows member enterprises to collaborate and connect with partners, clients and their own people. Each participating member has its own Workspace (also referred to as a Reposistory) in the Bizverse Cloud.

About users

A user is an individual person or service identity that has been granted access to one or more application portals of a Workspace. Access and use rights of any Bizverse web app (including the Community Management Portal), is provided at the individual level.

About User Administration

To make access distinctions possible and to track user activity, the application system must know who it is that is making each request. The primary purpose of user administration is to provide information that allows the system to make such determination. The fundamental piece of user information that the system requires is one ("third party") Google account ID for each user for the purpose of user validation. The Bizverse environment uses its copy of these IDs to establish a unique Bizverse identity for each connecting user. All of a user's access rights to Workspaces, Portals and Web Apps are ultimately tied to this identity (in other words, to the user's Google ID).

About Google authentication

The CMP utilizes the “sign-in with Google” feature, which is based on the OAuth 2.0 protocol (OAuth 2.0 is an open-standard protocol which provides an authentication mechanism that allows users to authorize access to their data, after they have been authenticated). This means a Google identity is required for each person who uses the Community Management Portal. Note: For identification purposes, only the account IDs are needed. The application does not keep copies of external passwords for identification purposes (including your Google password). To learn more. about the "sign-in with Google" feature and the OAuth 2.0 protocol click here...

About Workspaces

A workspace is an organization-specific digital storage area in the Bizverse Cloud that is shared between applications and users of that organization. In other words, a Workspace is a (Cloud-based) container of a particular organization's application data and other information (documents, images, profiles snapshots, etc.) as produced and used by the set of linked web applications and their users. By using web applications that are linked to the Workspace, users place data and information into (and retrieve same from), the Workspace. An organization typically has one Workspace (but may have more). Users are granted access to the portal applications of a specified Workspace - if a user has access to multiple Workspaces, (s)he would have to select the Workspace (using the Workspace Selector Control that is provided in the User Interface of the CMP), that is appropriate for the particular action such user wishes to perform. Once the Workspace is selected, it is set as the active Workspace and will remain in effect until another Workspace is selected. Users with multi-Workspace access need to be attentive to which Workspace is active to ensure that additions and edits are made to the correct data set.

About Bizverse Community Sponsors

A Partner is an operator of a sponsored community in the Bizverse.

About Roles

Roles are used to manage the availability of application items. An application item that is under role-based management is called a functional capability. Anyone who is a member of a role has all of that role's functional capabilities. Roles do not protect data or metadata (other than a few system items). Functional capabilities are always additive. Assigning someone to a role never reduces what that person can do. Although Administrators have the functional capability to give users access to certain application items, it does not mean that the Administrator necessarily have access to such functionality. If the Administrator requires to have access to an application item, access has to be explicitly granted.

The Enterprise Bizverse Portal utilizes two roles, namely Workspace Administrator and Enterprise Bizverse Portal User. These roles have the following functional capabilities:

User Administration Cycle

User administration involves 3 basic high-level activities, namely:

(1) Creating a Workspace (once-off) and setting up an Administrator for the Workspace (an Administrator can create other Administrators),

(2) Workspace Administrator(s) giving users access and usage rights to the applications of the Workspace.

(3) Users accepting these assigned rights.

The steps involved in these activities are as follows:

1. Create Workspace & Administrators

1.1 Obtain a Google Account ID

1.2 Register as a Bizverse User

1.3 Create a Workspace (and automatically become the Administrator of that Workspace)

1..4 Create other Administrators

1.5 Remove other Administrators

2. Authorize User Access to Workspace Applications

2.1 User registers as a Bizverse user (using his/her Google Account name)

2.2 Workspace Administrator gets the User ID (e.g., Gmail address) from the Bizverse-registered user (e.g., via email/telephone/other)

2.3 Administrator assigns portal access permissions to user

Note: although an Administrator assigns access rights to application items, the Administrator does not have 'automatic' access rights to such application items; to get access rights to an application item, the Administrator would have to self-assign such rights (or request another Administrator to assign the access right)

3. User Acceptance of Assigned Rights

3.1 User accepts allocated access rights

3.2 User maintains rights and profile

Role-based User Administration Perspectives

The User Administration function can be considered from 2 perspectives, namely from the role of a Workspace Administrator, and also from the role of a Portal Application User:

User Administration from the Workspace Administrator Perspective

User Administration starts when a Workspace is created by a registered Bizverse user. The user that is responsible for creating the Workspace automatically becomes the (first) Administrator of that Workspace. Once the Workspace has been setup the Administrator can now assign other Bizverse-registered users as Administrators. When a user is made an Administrator, an email informing the user of the new role is automatically generated and sent by the system. An Administrator can remove the administrator rights of other Administrators.

A Bizverse-registered user can thus become a Workspace Administrator in one of two possible ways:

(1) The registered user is made an Administrator of an existing Workspace by one of the current Administrators of that Workspace, or

(2) the user creates a new Workspace thereby automatically becoming the administrator for that workspace.

The main task of an Administrator is to assign portal application access permissions to registered Bizverse users (see Workspace Admin to learn more about portal applications including how new applications are added to a Workspace). When a user is given permission to access a portal application, an email informing the user of the new access permission is automatically generated and sent by the system. The user must accept this access permission in order to activate the functional capability. Administrators do not have automatic access to the application items for which they allocate permission to users - to get access to an application item, the Administrator must either self-assign the required permissions, or request another Administrator to grant the user permissions (in other words, the Administrator is just another Portal Application User of such portal applications).

User Administration from the Portal Application User Perspective

To become a user of the Enterprise Bizverse Portal (or any other Bizverse portal), the user must first get a Google Account (e.g., Gmail). The unique Google Account name is used by the user to register as a Bizverse user (users would typically also set up their basic Bizverse user profile at the same time).. Note that the user's Google Account password is not required for this step (the password is never recorded by the Enterprise Bizverse Portal, or any other Bizverse portal application). It is therefore possible for the Administrator to perform this activity on behalf of the user, provided that the Google Account ID (not the password) is known to the Administrator (the Administrator would then simply inform the user to accept the permissions that have been granted using the normal user permissions acceptance procedure).

Once registered as a Bizverse user, the Administrator can assign permissions for the user (the user has to provide the Google Account Name to the Administrator). After the Administrator has allocated the required permissions, the user will receive an email notification with instructions on how to activate the relevant functional capabilities.

Once the user has accepted the access permissions the application items will be available to the user as standard application options of the portal.

The Enterprise Bizverse Portal utilizes the Google API to allow communication with Google Services and their integration to other services such as Gmail and Drive. The API allows access to permitted user data, such as a shared folder that is created in Google Drive. These APIs require authentication and authorization using the OAuth 2.0 protocol. This means that upon first-time entry of an application item the user may be prompted by Google to permit access to certain specified Google applications, such as Gmail and Google Drive. The user should allow this access as this is important for the application to function correctly.

,

Related Topics

• • How to get a Google account

  • How to register as a Bizverse user

  • How to create a Bizverse Workspace

  • How to assign administrator rights to a registered user

  • How to remove administrator rights from a current Administrator

  • How to assign portal access permissions to a registered user

  • How to remove portal access permissions from a registered user

  • How to accept the access permissions that have been granted to you

  • How to maintain your user profile and access permissions