Terms
This section covers the most important terms used in this guide. Some of the terms are common knowledge for most people, but some will be new to most of us.
Term | Description |
---|---|
User account | This is the base security principal in onePortal™. A user account is the entity that is able to sign in to onePortal™ and access the services. Each user account has roles, which determine what she/he can do and see in onePortal™. User accounts “use” onePortal™. By default they are humans, but for automation and integration with other systems and services there may also be special-purpose user accounts. |
Management API | |
REST API | |
OpenID Connect, OIDC | |
OAuth, OAuth 2.0 | |
IDaaS | Identity as a Service. A method of providing identity and access management related services over the internet, or, as it is also called, "from the cloud". No on-premises server or service installation or maintenance is required. Monthly payment is the default payment method. |
Cloud Database | |
Cloud File | |
URL, a.k.a. web address | <https://en.wikipedia.org/wiki/Uniform_Resource_Locator> A URL is a URI that, in addition to identifying a web resource, specifies the means of acting upon or obtaining the representation of it, i.e. specifying both its primary access mechanism and network location. A URL is a specific type of Uniform Resource Identifier (URI). A typical URL could have the form http://www.example.com/index.html, which indicates a protocol (http), a hostname (www.example.com), and a file name (index.html). |
URI Syntax | A generic URI is of the form: scheme:[//[username:password@]host[:port]][/]path[?query][#fragment]. onePortal™ only uses the schemes http and https, with https preferred or, in some deployments, enforced. <https://en.wikipedia.org/wiki/Uniform_Resource_Identifier#Syntax> |
Path | A part of URI and URL after the first slash (/). See URI Syntax for an example. It is customary to have the slash (/) separator as the first character of a path. <https://en.wikipedia.org/wiki/Uniform_Resource_Identifier#Syntax> |
Web browser | <https://en.wikipedia.org/wiki/Web_browser> A web browser (commonly referred to as a browser) is a software application for retrieving, presenting, and traversing information resources on the World Wide Web. An information resource is identified by a Uniform Resource Identifier (URI/URL) and may be a web page, image, video or other piece of content. Hyperlinks present in resources enable users easily to navigate their browsers to related resources. |
WebUI, Web user interface | A general term for the application program visuals shown on screen in a web browser application which is used to access and use a particular web application. |
Management UI | The WebUI of onePortal™, which is mostly used for managing the platform. There is, however, a personal portal for all user accounts for managing their own settings, and processing their own GDPR-related personal data requests. |
Sign-in screen | This is the screen view where username, passphrase, and organisation information are typed before selecting the “Sign-in” button. This view also has secondary functionality, for example changing the passphrase without signing in and recovering from a forgotten passphrase. |
Soft delete of User Account | A user account is made inactive but data is retained. Undelete is technically possible. |
Purge User account | The data of a deleted user account is purged (permanently deleted). This is controlled in Group Policy. |
Sign in screen | This is the screen view where username, password, and namespace information are typed before selecting the “Sign in” button. In this view there is also secondary functionality for recovering a forgotten password. |
User name, also Username | This is the user account's sign-in name. It is often the same as the email address, but it may also be a phone number, a single name-based word, or even a completely random string. |
Password, a.k.a. Passphrase | This is the phrase or word entered into the password field during sign-in. Usually it must consist of letters, numbers, and special characters, but the most important thing is that it is as long as possible. In onePortal™ it is often possible to view the entered text before accepting it by selecting the eye icon at the end of the password field. It is recommended to use passwords at least 20 characters long if 2-factor authentication (2FA) is not used. |
2FA, 2-factor authentication | This technology adds a security measure: an additional phase in the sign-in sequence, on top of the traditional method of using username and password for authentication. onePortal™ supports this technology. Using 2FA may also be enforced if higher security is demanded. |
Logo | Logo in the top-left corner of the screen (web browser window). In the RTL (right-to-left) layout (future version of onePortal™) the logo is in the top-right corner. The logo shown is by default the onePortal™ logo, but it can be changed to the organisation’s own logo in System Preferences. |
Top Bar | Top-most horizontal area of the screen is called Top Bar. It is by default blue. |
Namespace Menu | A menu next to the logo, which is actually only showing the name of the currently signed-in namespace for most user accounts. Only those very few user accounts with role Multi-namespace can see this as a drop-down menu. Single-namespace deployments never see this selection as a drop-down menu. |
Context Menu | A menu in the upper right corner next to Personal Menu where the currently selected context is shown and can be changed. Single-context deployments never see this selection as a drop-down menu. |
Personal Menu | A menu next to Refresh with all settings and actions related to currently signed in user account. Important actions here are password change, secure sign-out, 2FA activation, and change of personal preferences. |
Refresh button | Clicking this button updates the currently shown view on screen. As server push technology is extensively used by onePortal™, this button should not make large changes to the current view. |
Maximise/Restore button | Two alternate buttons on Top Bar allow for maximising the web browser window, and restoring it to original size. Chrome browser is known to have issues with this feature on some systems. |
Left Pane | The left part of the onePortal™ view is called Left Pane. It contains the Main menu. On RTL layout, this is called Right Pane as it is located on the right end of the web browser. |
Mid Pane, a.k.a. level-2 menu | This part of onePortal™ view is only visible when System Preferences is selected on Main menu. It can also be considered as level-2 menu. |
Main Pane | The right side (left side on RTL) of the onePortal™ view. This is the area where the application content is. |
Info-button | Blue information buttons are shown on screen at numerous places. Clicking the button opens a popup window full of context-related information. |
Object | Object is a logical item in onePortal™, such as user account, namespace, email gateway, SMS gateway, context, contact, site/location, target, or incident. Objects are created, viewed, edited, cloned, or removed as necessary by user accounts holding relevant role(s). |
Namespace | Namespace is a top-level object in onePortal™. Each namespace is also called a “tenant”. In each namespace there are user accounts and other objects. All objects inside a namespace are private and visible only inside the same namespace. |
Multi-tenant, multi-tenancy | Feature of a system, which allows for separate namespaces to independently co-exist without them knowing about each other at all. onePortal™ is a multi-tenant system and thus supports multi-tenancy. |
Tenant | A customer organisation, which may control one or more namespaces depending on a business requirement. |
System Preferences | Main menu item, which is not visible for all user accounts. It contains system-wide settings affecting all onePortal™ namespaces, user accounts, functionality and services. Only user accounts with Portal Admin role may make changes here. Portal Auditors may view all settings. |
Tab | Tab is a general purpose visual element on screen when viewing or editing any object. Tabs are used to logically group items on screen to make using onePortal™ easier. The first tab is almost always named “Core”, because it is supposed to contain the most essential set of information on any particular object. |
Role-based access control, RBAC | RBAC is a method and design philosophy which determines how access rights and permissions are granted to user accounts so they can do the tasks they are supposed to do. This means RBAC is also a control measure. It is very common in modern complex applications. onePortal™ implements RBAC via Roles and Permissions. |
Permission, a.k.a. Right | Permission is essentially “a right to do something, a right to do a task”. Permissions are grouped into logical collections called Roles. Examples of permissions are “create a user account”, “change own password”, or “add user account to a group”. Please see section 6.2 below for more information. |
Role | Role is a collection of Permissions assigned to a user account. There is a fixed set of roles in onePortal™ covering the full functionality. These roles include “Account Admin”, “Portal Admin”, “Group Admin”, “Role Admin”, and many more. There are two sets of roles: Admin roles with modification permissions, and Auditor roles with viewing permissions. |
Auditor (in roles) | Auditor roles have viewing permission to data and settings in the scope of a particular role. The main purpose is auditing. |
Locking and unlocking a setting | On namespace level there are settings which can be locked to have the same value for each user account. This is often required by organisation policy. Each setting can also be left unlocked, which means its value may be changed and customised for each user account. |
(Allowed) email domain for namespace | Each namespace may have one or more email domains which are valid for the namespace. Some large organisations might have tens of these domains. If email address is used as the sign-in naming policy, all email domains must be included in this list. Leave this field empty to allow any domain, which is also the default. |
Default (email) domain for namespace | The very first allowed email domain for a namespace is considered to be the default email domain. It is offered as the default domain if the email address sign-in naming policy is used. Other domains are listed in the order they are listed in the field. |
Fall-back language | A term used to indicate a language which will be used if the desired or selected language is not available. |
LTR, left-to-right | Used to denote the characteristic of a written language where text flows from left to right. Example: English. |
RTL, right-to-left | Used to denote the characteristic of a written language where text flows from right to left. Example: Arabic. |