Organizations in PlaidCloud provide a top level area to control options such as single sign-on and member access capabilities. Organizations each contain at least one workspace, which allows workspaces to serve as the main level of tenant separation within PlaidCloud. A workspace helps to align teams with specific areas of interest and isolate access as appropriate. PlaidCloud allows Organizations to have an unlimited number of workspaces.
Each Organization in PlaidCloud can assign multiple administrators. Administrators have special privileges to control the Organization. They can do things such as manage billing, update access management, and perform workspace management.
To manage administrators:
This will display the table of current administrators. After the table opens, you may add new administrators, delete existing administrators, or alter administrative privileges.
To add an administrator:
To delete an administrator:
Each Organization can have a custom url (https://plaidcloud.com/sso/<custom_name_here>) for members to access the single sign-on page you specified in the configuration.
Note: Single Sign-On uses SAML 2.0 protocols and is set up through the user interface.
To create a custom URL:
If Single Sign-On is enabled, you can choose to automatically create members based on successful Single Sign-On authentication. New members will receive the default workspace and security roles specified in the Organization settings.
To automatically create members:
Use of this feature greatly simplifies member management because new members will automatically have access without any additional setup in PlaidCloud. Similarly, if members are removed from the Single Sign-On facility, they will no longer have access to PlaidCloud.
If Single Sign-On is enabled, you can choose to pass a group association list along with the positive authentication message. The list’s items will be used to assign a member to the specified groups and remove them from any not specified. This is an effective way to manage security group assignments by using a central user management service such as Active Directory or other LDAP service.
Note: If a member is marked as an administrator within a workspace, they will continue to have full access to that workspace regardless of the specific role they may be assigned through this automated process.
If this option is enabled, security roles will be assigned using the supplied list the next time members login. If the option is disabled, existing members will retain their current security roles until manually updated within PlaidCloud.
If retaining inactive members within PlaidCloud is not desired, members can be set for automatic removal from the Organization after a specified period of inactivity using the expiration capabilities PlaidCloud offers. This automated removal of dormant members can be set as short as one day, if desired.
Note: Setting this option to zero (0) indicates no automated removal will occur for the Organization.
To set expiration of members:
Sometimes you may need a list of workflow members for audit purposes. PlaidCloud makes gathering this information quick and easy.
Note:If you prefer a different delimiter for the file you can specify it in the “Optional Parameters” area using the delimiter parameter name.
If you have a list of members to disable, this can be processed automatically through a workflow.
Note: If the file is not a tab delimited file, you must specify the delimiter, a column name, and the member attribution in the optional parameters. All members matching the attribute specified within the Organization will be disabled.