This document provides information about the System parameters form screen, which refers to the parameters in the Access control tab.
Path to access
- On Segura® Platform, in the navigation bar, hover over the Products menu and select Settings.
- In the side menu, select System Parameters > Global > Access control.
Access control menu
Password management section
| Item |
Type |
Required |
Description |
| Password parts * |
Quantity input |
Yes |
The number of parts into which the password will be divided for groups with multiple custody. You can choose between numbers 1 and 5. By default: 2. |
| Password display time (s)* |
Quantity input |
Yes |
Maximum time, in seconds, that the password window will be open. Select zero to not close. By default: 30. |
Expiration settings section
Attention
Extending the time expiration approval to 10.080 minutes, 168 hours, or 7 days in the Time expiration approval * field increases security risks. Consider shorter durations for better security.
| Item |
Type |
Required |
Description |
| Time expiration reason (min) * |
Quantity input |
Yes |
The time that the justification of access to a password is valid. During this period, the user won’t need to provide another justification to access the password again. By default: 60. |
| Time expiration approval * |
Quantity input and Dropdown menu |
Yes |
Standard time that the approval of a request will be valid, the options are in minutes, hours, or days. By default: 1 hour. |
| Approver can change when approval will expire? * |
Radio button |
Yes |
Allow the approver to change the approval validity parameter. By default: Yes. |
Access and security settings section
| Item |
Type |
Required |
Description |
| Allow only one group per user? * |
Radio button |
Yes |
Defines whether or not a user can be part of more than one access group. By default: No. |
| List only approvers with permission? * |
Radio button |
Yes |
Defines if only approvers with permission can be listed. By default: No. |
| Allow approvers to approve their own request? * |
Radio button |
Yes |
Defines if an approver can approve the request itself. By default: No. |
| Allow registry of duplicate credentials? * |
Radio button |
Yes |
Defines if duplicate credentials can be registered. By default: No. |
| Allow to register devices with duplicate IP? * |
Radio button |
Yes |
Defines if it will be allowed to register devices with duplicate IP. By default: Yes. |
| Allow batch approval? * |
Radio button |
Yes |
Defines if batch import will be allowed. By default: No. |
| Force access rule by device domain? * |
Radio button |
Yes |
Disables the most restrictive rule for groups. Each device's request follows the access group configuration of its respective group. By default: Yes. |
| Requires approval to change user roles? * |
Radio button |
Yes |
Defines if an approval will be required to change user roles. If there are no approvers for user management, the changes will be applied without approval. By default: Yes. |
Notifications section
| Item |
Type |
Required |
Description |
| Make below fields required: |
Checkbox |
No |
Defines if it will be mandatory for users and approvers to fill in the following fields. By default: Users and Approvers. |
| Notify requester of result of the request through: |
Checkbox |
No |
Defines if the requester will be notified about the request via email, screen and Microsoft Teams. By default: E-Mail and Screen. |
| Notify approver of new requests through: |
Checkbox |
No |
Defines if the approver will be notified for requests via email, screen and Microsoft Teams. By default: E-Mail and Screen. |
Governance code section
| Item |
Type |
Required |
Description |
| Display name for fields "Governance Code" * |
Text field |
Yes |
Defines a message to the governance code. By default: Governance Code. |
Mobile app section
| Item |
Type |
Required |
Description |
| Allow use by all users * |
Radio button |
Yes |
Defines if all users have access to the mobile application. By default: Yes. |
| Require device approval * |
Radio button |
Yes |
Defines if it'll be necessary to request approval from the device being used for access. The app connection request must be approved by an administrator. By default: No. |
Info
Check the network rules to allow app connection.