Versions Compared

Old Version 4

changes.mady.by.user Megan Ellis

Saved on

compared with

New Version Current

changes.mady.by.user Megan Ellis

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.


Section


Column

frevvo is a multi-tenant application. Tenants allow you to segregate groups of users and roles. Users from one tenant cannot access users in any other tenant. Note: this does not apply to public forms/workflows which do not require login access to a tenant.

The frevvo In-house superuser admin can create as many tenants on your form server as needed. Once the superuser admin creates the tenant, the tenant admin user can then login to manage the tenant, configure LDAP, add users & roles, etc. See the Admin Home Page for differences between the superuser admin and tenant admin. 

Info

frevvo trial tenants in the cloud are initially configured with the frevvo Default security Manager. Once you have purchased your frevvo license, you can switch the Security Manager of your tenant and retain existing forms/workflows, users, roles and submissions.

Tenants using the Default Security Manager can be migrated to:

  • Default Security Manager → LDAP
  • Default Security Manager → SAML  
  • Default Security Manager →  Azure SAML

Tenants using the LDAP Security Manager can migrate to:

  • LDAP → SAML
  • LDAP → Azure SAML

Contact us to purchase or change your security manager.



Column
width35%

On this page:

Table of Contents
maxLevel2


...

Configuring the SharePoint Connector

Store submissions and metadata on a registered SharePoint website using the frevvo SharePoint Connector and wizard. The configuration information is discussed in the SharePoint Connector topic

Configuring the LDAP/Active Directory Security Manager

Creating/editing the LDAP tenant is performed by the superuser (on-premise) or the tenant admin (cloud). Refer to this documentation for configuration details and here for some troubleshooting tips. 

Configuring the SAML Security Manager

Creating/editing the SAML tenant is performed by the superuser (on-premise) or the tenant admin (cloud). Refer to the SAML Security Manager topic for the details.

Configuring the Azure SAML Security Manager

...

  • Admin User Id - This is the tenant admin id. It can contain characters, numbers and the underscore. It cannot start with a number. The maximum length is 16 characters. This account is used as the built-in admin if you are using the LDAP, SAML or Azure Security Managers.
  • Admin User Password - This is the tenant admin password. Notice the text will appear as bullets as you type.
  • Reenter the Admin User Password - Reenter  the tenant admin password. frevvo will display an error message, "Invalid Value" if what you type in this field does not match the contents of the Admin User Password field. This is one way to change the password for the built-in admin if you are using the LDAP, SAML or Azure Security Managers.
  • Change password on next login - Tenant Admins can expire passwords by checking this field. The tenant admin will be prompted to change their password the next time they login.
  • Enter the Email Address for the user id specified in the Admin User Id (built-in admin) field. The tenant admin receives an email with a link if they use the frevvoForget Password? feature to reset their password.

Built-in admin for LDAP, Azure and SAML Security Manager tenants

A Tenant admin can login directly to frevvo or login with a user id who has been given tenant admin permissions in your Active Directory. Tenants using the LDAP(s) Security Manager now have the ability to configure a built-in admin account. This was not possible for this Security Manager in previous releases.

...

Definitions of Password Strength:

  • none - uses system default, enforces a minimum password of 8 characters
  • Fair - very guessable: protection from throttled online attacks. (guesses < 10^6) Strength meter will indicate "Very weak."
  • Good - somewhat guessable: protection from unthrottled online attacks. (guesses < 10^8) Strength meter will indicate "Weak."
  • Strong - safely unguessable: moderate protection from offline slow-hash scenario. (guesses < 10^10)
  • Very Strong - very unguessable: strong protection from offline slow-hash scenario. (guesses >= 10^10)

A user creating or resetting their password will be required to meet the password strength specified by the tenant admin. Password strength is indicated as the user types by a Password Strength Meter visible below the entry. There are no specific length or character requirements, but the meter will detect the strength of the password based on use of uncommon words or phrases and unpredictable use of capitalization, numbers and special characters. Helpful suggestions appear to prompt the user towards a stronger password. Password length is limited to 100 characters and an error message will appear if user attempts to enter more than 100 characters. Users cannot use their old password or a temporary password as the new password. Here are screenshots of what a user might see if the Tenant Password Strength is set to "Strong." Strong and Very Strong passwords use uncommon words or phrases and unpredictable use of capitalization, numbers and special characters.

...

A tenant admin can view all the configuration properties that apply to their tenant. Some of these properties can be modified by the tenant admin in the Edit Tenant page. Others can only be changed by the superuser admin.

...