Introduction
Once you have enabled KaseyaOne Unified Login for your organization, you can automatically allow KaseyaOne users access to Graphus without the need to create a separate Graphus user account. This feature is enabled in Graphus with the Automatic User Access feature on the KaseyaOne tab in the MSP Administration section. This article focuses on how Graphus supports automatic user access with the Unified Login feature on the KaseyaOne tab.
Note: When the Enable Log In With KaseyaOne toggle is enabled, all users from KaseyaOne can log into Graphus using KaseyaOne Unified Login.
Pre-Requisites
-
You must be a partner administrator for Graphus and KaseyaOne with valid login credentials for each. If you don't have one, contact your administrator.
-
To activate, a unified login KaseyaOne Master user and a local Graphus portal admin user are required.
-
The Enable Log In with KaseyaOne toggle must be activated and have an active mapping with a KaseyaOne account before the Automatic User Access feature can be activated.
-
The Automatic User Access feature can be enabled by the MSP admin provided they have enabled Log in with KaseyaOne for the MSP.
Enabling the Automatic User Access through the MSP Administration Section
To enable Unified Login with KaseyaOne through MSP Administration:
1. Log into Graphus.
2. On the top menu, click MSP Administration.
3. In the navigation menu, click KaseyaOne.
On the Admin Settings page, under the Unified Login section, activate the Enable Log in with the KaseyaOne toggle. This option will allow your users to enable Log In with KaseyaOne for themselves. 4. You are redirected to the KaseyaOne login page. Proceed to log in with your KaseyaOne login credentials and your authentication code.
5. After logging in, you are taken back to the KaseyaOne Admin Settings page on the Graphus portal where a successful banner message appears.
Important: When the Enable Login with KaseyaOne toggle is enabled, users whose email address matches an existing email address from this KaseyaOne organization can log into Graphus using Kaseya Unified Login.
Note: If authorization is unsuccessful, an error message is displayed. Contact a KaseyaOne administrator or support.
Automatic User Access
When Automatic User Access is enabled, users of KaseyaOne will be able to access Graphus without the need of creating a local user account in Graphus. This is done by enabling the Automatic User Access feature on the KaseyaOne Admin Settings page.
This applies when a user attempts to log into Graphus on the Graphus login page using their KaseyaOne account credentials or tries to access Graphus from the KaseyaOne site page.
Additionally, you must select a default access role when using the Automatic User Access functionality; this will be automatically assigned to the newly generated users.
Note: The Unified Login must be activated before the Automatic User Access feature can be enabled.
To Enable Automatic User Access
1. Verify the Enable Log in with KaseyaOne toggle is activated. If it is not, click the toggle to activate it.
2. In the Central User Management section, click the Enable Automatic User Access toggle button to activate it.
3. Select the default Graphus user role you desire to assign to each new user automatically using the drop-down.
Note: Selecting a user role is a required field. The page doesn't allow you to navigate to the next step until you choose a desired user role.
4. Click Save.
User Management for Automatic User Access Users
Once the KaseyaOne user is given access to the Graphus product through the Automatic User Access feature, the user will appear on the KaseyaOne Users tab under the Global User Management page. The KaseyaOne Users tab displays only users created via Automatic User Access.
You have the ability to create local users from the KaseyaOne Users tab using the Create local user icon. When doing so, the user will be removed from the KaseyaOne Users table and added to the Local Users table.
The Local Users tab also contains the list of Graphus users that were created locally.
To access the User Management page:
1. In the navigation menu, click User Management.
2. Click the KaseyaOne Users tab. The KaseyaOne Users tab displays only users created via Automatic User Access.
Graphus will not automatically create a local user account for KaseyaOne users. However, the MSP admin can choose to add KaseyaOne users locally using the Create local user feature under the actions field. This will remove the user from the KaseyaOne Users tab and will create a local user with local login access.
To add KaseyaOne users locally:
1. On the KaseyaOne Users table page, choose the desired user for whom you want to create a local user in Graphus.
2. Hover the cursor to the action field and click + Create local user icon.
Important: Please note when the MSP admin adds KaseyaOne Users locally via the Create local user feature, the user will be removed from the list of KaseyaOne Users tables. Meaning, the table will contain only the list of Automatic User Access/KaseyaOne users with no local user accounts.
If an admin uses the top-right corner standard Add Local User button to create a local user, then Graphus will match the email address the user enters against the Local/KaseyaOne Users tables and prevent the creation of duplicated users with an error message.
Activity Log for Automatic User Access Users
The Activity Log page is a dedicated section within the MSP administration dashboard where administrators can view a chronological record of activities performed by users. It serves as a comprehensive log that captures various actions taken within the application.
The purpose of the activity log is to offer transparency and visibility into the operations occurring within the MSP administration platform. This feature helps administrators and security personnel track changes, troubleshoot issues, and ensure compliance with security and operational policies.
Activity log benefits :
- Users Included: The activity log includes entries for both local users and KaseyaOne users. Local users are likely those directly associated with the MSP administration platform, while KaseyaOne users may refer to users who access the MSP services through the KaseyaOne platform.
-
Information Captured in the Log: Each log entry typically contains the following information:
- Action Time: The timestamp indicating when the specific action was performed. This helps in tracking the timing of events and identifying patterns.
- User: Specifies the user who initiated the action, providing accountability for each logged event.
- Category: Describes the type or nature of the activity performed. This could include actions such as account modifications, configuration changes, or other relevant events.
- MSP Affiliation: Indicates the MSP (Managed Service Provider) for which the action was carried out. This is particularly important in multi-tenant environments where a single administration platform serves multiple MSP clients.
-
Use Cases:
- Auditing: The activity log serves as a comprehensive audit trail, allowing administrators to review and validate actions taken by users.
- Troubleshooting: In the event of issues or discrepancies, administrators can refer to the activity log to identify the sequence of events leading up to the problem.
- Security Monitoring: Monitoring the activity log helps detect and respond to unusual or unauthorized actions, enhancing overall system security.
- Access Control: Typically, access to the activity log is restricted to authorized personnel, ensuring that only designated individuals can review and analyze the recorded information.
Overall, the activity log feature in the MSP administration dashboard provides a valuable tool for maintaining operational integrity, enhancing security, and facilitating efficient management of MSP activities.
To view a KaseyaOne Users log:
1. In the navigation menu, click Activity Log.
2. Click the KaseyaOne Users tab. The KaseyaOne Users tab displays only users created via Automatic User Access.
3. You can view users' activities in a certain date range. Select a date range and click Apply.
4. On the KaseyaOne Users page, in the upper-right corner, click the All Users dropdown to select a specific user.
This will fetch a KaseyaOne-specific user Activity Log list in detail.