ProtectNetwork

Cloud based E-Credential Management service

Frequently Asked Questions: Enterprise ID Administrators

What is an Enterprise ID Administrator?
An Enterprise ID Administrator is a Sponsor for other users. An Enterprise ID Administrator can:

  • Provision Users in Bulk
  • Assign users to Groups
  • Assign Entitlements (App Grants) to Users
  • Request release of such attributes to trusted SP sites
  • Delegate administration of Users
  • and many more…
How do I become an Enterprise ID Administrator (Sponsor)?
It is quite simple. You can simply Register for an Administrator Account on ProtectNetwork for free. Once you are approved then you can request subscription to add/upload/sponsor additional users into ProtectNetwork.

Why should i leverage and use ProtectNetwork service?
You have two options, build and setup your own local service or lease ProtectNetwork service on-demand. Here are the benefits of leveraging the ProtectNetwork service:

  • No hardware or software required
  • No hardware/software related costs: acquisition, setup, integration, maintenance, upgrades and support costs
  • No need to setup and manage your own local expensive and complicated IDM system. Simply upload your users in bulk via point and click web browser
  • We provide help desk support to your users
  • We host the service for you in our datacenter
  • Can be customized to your needs and requirements
  • Your website can receive any user attribute you like
  • No big upfront costs, pay as you go
What is a ProtectNetwork subscription?
ProtectNetwork subscription is available as a feature to ProtectNetwork Enterprise ID Administrators (or Sponsors). Once you obtain an Administrator Account on ProtectNetwork, you can then “Add” one or more subscriptions by clicking on “Add a Subscription” button on the left hand navigation panel. Each such subscription when approved enables you to add and upload your Users (Sponsored Users) in bulk into ProtectNetwork. Once the Sponsored Users are uploaded into ProtectNetwork, they can then be arranged into Groups and assigned Entitlement values.

Please note that, as an Administrator (Sponsor), you can request one or more subscriptions. Each such subscription can be tied to a specific domain or scope (e.g. mycampus.edu, myonlineservice.com). This domain/scope is then used to identify your sponsored users and released as part of the Entitlement attribute for your Sponsored Users.

Can I manage Users for multiple domain names on ProtectNetwork?
Yes. This is accomplished when you “add a subscription” in your Admin account. Each such subscription is tied to a specific domain (or scope) and enables you to upload/manage a group of users as part of the subscription. Please note that this scope is released only as part of the entitlement attribute. That is, entitlement attribute released by ProtectNetwork is scoped with the domain name associated with your Admin account.

You can add multiple subscriptions, each tied to a specific domain/scope, under the same Admin account.

Can my sponsored Users be tagged with a specific domain name for identification purposes?
Yes. As an Enterprise ID Administrator, you can purchase a Subscription to upload your Users. Each such subscription is tied to a domain name of your choice (e.g.mydomain.edu or myonlineservice.com). Once uploaded, such Users can then be arranged into Groups and assigned one or more Entitlement values of your choice. This Entitlement attribute is automatically concatenated with your domain name (or scope). As a result, when your Users authenticate on ProtectNetwork, the Entitlement attribute is released to the requesting SP site. The SP site can now easily determine the domain name of the User as well as the Entitlement string value and make an appropriate access control decision. For more information please contact support@protectnetwork.org.

How can i assign Roles to my sponsored users?
Once you have uploaded your users into ProtectNetwork, you can then arrange your users into one or more Groups. Each such Group can then be assigned one or Entitlement values. You can simply choose to name the Entitlement values same as Roles. The entitlement attribute is then released as an attribute to the requested SP site. The SP site in turn filter for the ProtectNetwork entitlement attribute and enable role based access to the site.
Do I have to pay to become an Enterprise ID Administrator (Sponsor)?
This service is available for free on a trial basis. If you are satisfied then you can subscribe the service for a fee. Please contact sales@protectnetwork.org for more details.
Can i upload my Users in Bulk into ProtectNetwork?
Yes. You can simply upload a CSV file that contains your users email addresses, with one email address per line, into ProtectNetwork. Once the CSV file is uploaded, ProtectNetwork will then send out automatic email invitation (with your permission) with instructions to each of your users. Users can then follow the instructions to self-provision themselves into ProtectNetwork. You as an administrator (or sponsor) can view the status of each of your users anytime.
What is the workflow for Uploading users in bulk?
Here is the workflow:

  • Step-1: Register for an Administrator Account on ProtectNetwork
  • Step-2: Login to your Administrator Account and then make a request to Add a Subscription to your Account. Each subscription will allow you to upload a certain maximum number of users in bulk.
  • Step-3: Once your request is approved by ProtectNetwork, you can now upload users in bulk using a simple CSV file. You may make multiple bulk uploads anytime. The CSV file should contain one email address per user.
  • Step-4: Once you upload the CSV file, upon your approval, your Users will receive an automated email with instructions to activate their account. In the meantime, you will be able to track the status of all of your users.
  • Step-5: Once your users are loaded, you can now assign them into Groups of your choice. You can create many Groups with different Group names and arrange your users into these Groups. Additionally, you can assign unique Entitlement values to each such Group of Users. You can assign even multiple Entitlement values per Group. These Entitlement values can be released as Shibboleth/SAML attributes to trusted SP sites for access control purposes.

For additional information please contact your representative.

Can ProtectNetwork send out email invites to Users for self-registration?
Yes. When you upload your users in bulk (using a CSV file with email addresses), you are prompted to invite your users via email. You will be presented with an email template which you can customize to your needs. Once you approve the template, email invites are then sent on your behalf to your users. The email invite also contains a self-registration and activation link with instructions which your users can follow to self-provision themselves as sponsored users into the ProtectNetwork service.
What kind of users can I provision as an Enterprise ID Administrator (Sponsor)?
A Sponsor can provision any User. Sponsors can provision their subscribers, guests, contractors, consultants, vendors, partners, suppliers and such to provide secure authorized access to a website, application or premium online content.
Can the Sponsored Users self-register?
Sponsors can provision users in advance in bulk using a CSV file and then invite such users via email using ProtectNetwork. Users who receive such email invites then follow the instructions provided in emails and self-register their account information. Once the user self-registration is complete, the Sponsor is automatically notified.
Does my subscription to upload users into ProtectNetwork include the ability to add my SP sites?
No. However you may add new SP sites into ProtectNetwork by paying an additional annual subscription per SP site. The user subscription gives you the ability to manage users in bulk in ProtectNetwork as well as authentication and attribute release for your users to existing trusted SP sites. For releasing SAML assertions to your new SP sites, you will need to purchase the ability to add new SP sites into ProtectNetwork. Please contact sales@protectnetwork.org for more details.
Is there an API to upload my current user accounts into ProtectNetwork?
We provide a user account synchronization tool that can automatically update user accounts from your SQL database (hosted in your location) with the ProtectNetwork cloud on a periodic basis. For more information, please contact sales@protectnetwork.org.
Can i provide access to premium online library resources for my Users?
Yes. As a sponsor you can upload your users into ProtectNetwork. You can then assign your users into Groups and assign such Groups with one or more Entitlement values. You can obtain the Entitlement values from your online library service provider such as Ebsco, Elsevier, Thomson, Reuters, ScienceDirect, etc. Your online library service provider can then enable secure ProtectNetwork logins for your users based on ProtectNetwork entitlements and scope. Please contact sales@protectnetwork.org for more details.
Can i provide access to Google Apps for my sponsored Users?
Yes. GoogleApps accepts SAML2 compliant secure ProtectNetwork logins. As long as you have a Google Administrator Account then you should be able to provide secure ProtectNetwork logins for your sponsored users into GoogleApps. Our support team can provide additional instructions to make this happen for you. Please contact support@protectnetwork.org for more details.
© Copyright 2004 - 2010 | 9Star Research, Inc. | All Rights Reserved
Find us on Facebook | Follow us on Twitter