Settings

These articles explain the general settings in your Zluri workspace.

Settings

  • Settings

    You can access the settings by clicking on your profile photo in the top right corner and selecting 'Account Settings.' Or, you can find settings on the left-hand side menu bar. 


    You will find the following tabs on the settings page:


    Account settings


    The account settings feature lets you change your name, work mail address, phone number, and profile picture. You can reset your password or enable two-factor authentication from the same tab.




    To Enable 2-factor authentication, click on Setup Now button highlighted above. Once clicked, four options will appear on the screen. Refer to the below screenshot:





    One can set up 2-factor authentication using a Phone number, Authenticator, Email & Recovery Code. 
    If one clicks on Setup for Phone Number, the below screen will appear. Here a user would have to enter his work number and click on Send Verification Code.


    The entered phone number has to be valid; else the below error will come:




    Once a valid number is entered, a verification code is sent to the same number.



    After entering the verification code, the below screen will appear where a user can keep the backup verification code safely & he has the option to download the same in the pdf option.


    Similarly, the above steps can be done for Email, Authenticator & Recover Code.

    Your organization


    You can modify organization details from this tab, such as company name, IT owner, Payment owner, etc.




    This tab lists all the trusted domains Zluri has identified from your organization's data. Domains of the organization are fetched from the SSO. You should verify and ensure all the domains approved for use by your organisation are listed here.


    Trusted Domains are essential as they segregate an organization's employees and external users. 

    An organization must add the Trusted domain separately if these are not fetched through SSO Integration. To add the domains - share a mail to support@zluri.com mentioning the domains that need to be added.

    Zluri can add, remove and verify domains from the backend. This customer needs to submit a request through the customer success team, and a support ticket will be raised for this request.





    You can also select the primary source for various data points in the application. If Zluri fetches the same data from multiple sources, it will display the data in the platform based on these data points from the primary source. 


    Now the user can select the primary source for additional data points to Zluri, highlighted in the snapshot below. These are Employee Lifecycle status (which gives users data), Reporting Manager, Joining Date, Personal Email, Cost Center & Business Unit. The Users data point is replaced by Employee Lifecycle Status, which serves the same purpose. 


    If the user hovers over the down arrow of the Employee Lifecycle Status data point, he can see "Show Advanced Settings." If he clicks on the down arrow, he can select two additional options based on his preference. Please refer to the below screenshot:



    If the first option is selected, he can import users based on the verified domains, which is the existing logic.


    If the second option is selected, he can import the users based on the specific application that he has set as the primary source of truth for users. From this option, an external employee will become an employee if he is an active user of that application.

    By selecting both options, users will be able to use both functionalities together, i.e., users will be added to the Employees based on verified domains and who are not on verified domains but active on any application set as the Primary source of truth.


    Administration



    The Administration Members section, as shown above, lists all the members that currently have access to your workspace, their email-ids, permission levels, and their last login details.


    Add Administration Member


    You can also invite members. You can click the '+ Add' button to add a new member. 



    After clicking the Add button, another screen will appear to search for names and send mail to them.


    Enter the name, select the permission level & send an invite. The user will receive the email and can accept the invitation.




    Zluri has the following roles built into its platform. These roles can be assigned:



    Admin: Multiple admins can be added to Zluri, & these admins have access to all modules & privileges to carry out day-to-day administrative tasks. 


    Viewer: Admins can add any user with a 'Viewer role' with read-only access to all modules. Cannot take any specific action.


    IT Admin: Users with IT Admin roles can access all modules except the Transactions module. They can add applications and users, assign users to applications, add departments, add users to departments, assign owners to applications, etc. 


    Finance Admin: Users with this role have access only to the Overview module, Transactions module & the Integrations module in Zluri. They can add transactions, map those transactions to applications & archive transactions, etc.


    Procurement Admin: Users with this role have access only to the Overview module, Transactions module & the Licenses modules in Zluri.


    Integration Admin: Users with this role have access only to the Integration and Workflow modules.


    Security Admin: Users with this role have access only to the Security module, Reports module, and Application Overview modules.


    Super User: Users with this role can access all modules except Audit Logs and Settings.


    IT Viewer: Users with this role have read-only access to the Overview module, Applications module, Users module and Departments module.


    Owner: Users with an admin role won't be able to assign an owner role to any user. The owner can access all the modules and have write permissions.


    Suppose admin logins; users with the Owner role will be greyed out. Please refer to the below screenshot:




    Remove Users Access


    When the employee with admin access leaves the organisation or needs access changes, we can make those changes.


    The administration tab under settings has a list of administrators, and the permissions can be changed from the Permission column.


    The following images give us information about how we can make this change. If the admin clicks on the “Remove User” option, a popup will appear which asks for confirmation of the intended action.






    By clicking on the “Remove admin”, the user can be removed from the Administration members list.


    There is one more option here to re-invite members, and it is known as “Resend invitation”. This option is available if the user does not respond to the first invitation within a period.




    After clicking on resend invitation, the invitation goes to the user to respond to it, and the “Sent” option appears in place of “resend invitation”.




    Custom Fields


    You can add custom fields to Applications, Users, Departments & Transactions to add any additional information you would like to store regarding these entities.


    To add a custom field, Please navigate to the 'Settings->Custom Fields' section & click on 'Add new field' under the entity you want to add a custom field to.



    Next, you will need to select the type of field. Type in the field name and suggested values (if your field type is a drop-down list or boolean) and click save. 



    The added custom field will appear in the respective entity's overview screen.


    Scheduled Exports


    This tab lists all the scheduled sports from the system. It lists the following fields about the scheduled exports.



    Custom Apps


    Custom Apps are applications either added by you or identified by us through our integrations that are not present in our database.

    To view details of these applications, tap/click on 'View App.'



    Billing

    You can use the billing by contacting us through chat, mail, or phone.



    Notifications

    Zluri's notifications can be classified in the image below.



    The administrators can select the type of notification they wish to receive, and Zluri will deliver that kind of notification in the app & through the mail. The list of notifications is available as follows:


    Product update notifications: If enabled, Zluri sends daily & monthly summary emails to the user.

    Optimization recommendations: If enabled, Zluri spends recommendations on how to optimize the usage of licenses & spends to the users.


    Product usage guides: If enabled, Zluri sends emails regarding how to use some product features to the user best.


    Unusual trend alerts: If enabled, Zluri sends notifications whenever there is a sudden change in the number of users, usage & spend for any application.


    Security alerts: If enabled, Zluri sends notifications regarding security updates regarding the applications.


    Restricted app summary emails: If enabled, Zluri sends notifications to the users whenever there is an activity for a restricted application.


    Restricted app alerts for employees: If enabled, notifications will be sent to the users of restricted applications to stop using the application

  • General Features

    Notes

    You can add Notes to applications, users or departments to save any important information regarding those entities.



    You can also set a reminder for a note by clicking the ‘bell’ icon. 

  • Zluri Employee App Store - How-to Guide

    Prerequisites: 

    The prerequisite for using the Employee Appstore feature is to set up a SAML login. Please take a look at the below links for the same.


    Generic Steps to Setup SAML 

    SAML App Addition - OneLogin

    SAML Okta

    SAML Jumpcloud

    SAML Google


    App Store Settings Configuration



    Zluri's employee dashboard is a single place for your employees to discover and request licenses for all SaaS applications used in your organization and request applications from Zluri's market's largest library of applications.


    Admin can enable the Employee App store for employees by toggling the highlighted toggle bar field at the top right corner.

     

    You can configure- it from the "Employee App Store" option on the Settings page.


     

    ●      Which applications within your organization will be visible to your employees. 

     

    ●      What information about these applications will your employees be able to view.

    ●      Choosing the authorization level to define applications that are part of your organization. On selecting "Show Unmanaged Apps," an employee can view all the unmanaged applications in the organization.



    Depending on your organization's internal security compliance and application provisioning process, you can configure the settings here accordingly.

     

    Some example scenarios -


     

    ●      If your organization needs employees to see only the applications used within their department, which they can then request licenses for, you can choose "Employee Department Apps."

    ●      If you only need your employees to see applications that your IT admins have categorized as "managed" apps within Zluri, you can turn off the options to show unmanaged, restricted, and uncategorized apps

    ●      If you do not need your employees to see security and compliance information about a particular application within the app store, you can turn off the options to show security information and compliance.

     

    While employees can still search for, find information about, and raise requests for ~225k applications within Zluri's library, configuring these settings upfront will ensure employees see only the information they need to see about the IN USE applications within your organization.

     

    A unique feature of access management is the branding of the organization. Both logo and the favicon can be uploaded.







     

      

    Configuring Automation Rules for Approval Workflows

    Automation rules help your employees' license and application requests go through the appropriate approval processes followed within your organization. 

    Automation Rule Sections

    To set up an Automation Rule, click on App Requisition - -> Automation Rules--> New Rule.



    An automation rule consists of five sections:


    Request Type:

     

    Suppose your organization has different approval processes for applications already in use (License of an Existing Application is Requested) and not used (New Application is Requested) by your organization. In that case, you can use this option to differentiate the two.

     

     

     

    Conditions:

     

    You can customize your approval workflows by creating multiple automation rules with different conditions. Sample scenarios -


     

    ●      Users who have a "Manager" designation and users who have an "Associate" designation.

     

    ●      Users with an "Employee" account type and users with a "Service" or "External" account type.

     

    ●      Members of the "Sales" or "Marketing" department and members of the "Engineering" department.


    You can differentiate the approval processes using different conditions in different automation rules for these above scenarios and much more.

     



    Actions:


     

    For a specific request that fits the request type and conditions specified above, you can set up the rule to either initiate an approval process that'll go through a list of approvers you've configured or automatically reject the request.


     

    Approvers:

     


    For requests not auto-rejected, you can select one or more approvers responsible for reviewing the request and approving or rejecting it accordingly.

     

    You can assign specific roles as approvers - the default dropdown when you "add people" will contain a list of roles configured within Zluri, such as IT admin, app owner, department head, and reporting manager.

     

    This is helpful in scenarios when the user's reporting manager or department head needs to approve each request before it moves onto a different approver. Alternatively, specific individuals can also be searched for and added as approvers.

     

    Configuring this section is mandatory for a rule to be saved.

     

    Provisioning and de-provisioning actions:

     

    Once a request is approved, the license needs to be provisioned to the user, which can be configured in the "On approval" section. And once the requested license duration is completed, the license de-provisioning process can be set up in the "Offboarding action" section.

     

    In both scenarios, the setup is very similar. The provisioning and de-provisioning actions can be configured as a manual task - select a task owner who'll be notified to procure a license once the request is approved (in case of provisioning) or remove license access once the duration has ended (in case of de-provisioning), and specify within how many days the task has to be completed.

     

    The "on approval" section configuration is mandatory to save a rule. "Offboarding action" is optional.


     


    After entering all the above-required details, the automation rule can be saved that will look like this: 



    Automation Rules Priority

     

    When multiple rules are set up, they can be arranged in decreasing order of priority. For example, if two rules have similar conditions and different approvers are involved or other provisioning/de-provisioning actions are configured, the rule with the higher priority takes precedence.

     

     


    Automation rule setup best practices

     

          Identifying your organization's current approval process broadly can help set up a few basic rules that can serve most of your employees' application requests while giving the admins enough context to customize the rules even further.

          Ensure all roles, either Zluri administrator roles or roles that differ from one app to another (app owner) or one employee to another (reporting manager or department head), are comprehensively configured(under Users and Department sections) so that the approval process does not run into any obstacles.

     

    Approval Process

     

    Once an employee submits a request, approvers will be notified in a sequential order to approve or reject the request.

     

    If an approver is unavailable, admins can add new approvers to this request to take this action in place of them, or the admins can approve or reject the request on behalf of the approver.





    One can click on the three dots for an application to view the submitted request.





    On clicking the View Request, an employee/approver will be able to view all the details necessary for him to approve or reject the request and also some other information (like View Change log, The app is used in the org or not, Other approvers for this request, offboarding actions, request due days, comments by others) which is highlighted in the below screenshot:


     

    In this approval process, the power to override the approval or rejection decision depends on the authority level. The higher authority can override the decision taken by the lower admins or the managers.

    The admins can also add comments explaining why the particular request was rejected. 



     

    Admin Actions

    In an ideal approval situation, only the assigned approval authority approves the request. However, Admins have the authority to approve a request on behalf of an approver at each stage of the approval process.


    Whenever the approval status is pending a specific approval, the admin can approve, reject or notify the approver.


    Approve on behalf of an approver


    1. If approver one is pending, and admin approves -


      1. Admin gets added as a new approver after approver 1, and the status will be "Approved on behalf of approver 1".


      1. Approval update and action required notifications for approver 2, admins, and requestee will get triggered accordingly.

    2. The same logic holds for the rest of the approvers.





    Reject on behalf of an approver


    1. If approver 1 is pending and admin rejects it -


      1. Admin gets added as a new approver, and the status will be "Rejected on behalf of approver 1."


      1. Rejection notifications for other approvers, requestee, and admins will be triggered.


      1. The status of the request changes to "rejected" on the "All Requests" page.

    2. Any stage of rejection will reject the complete request process.






    Override rejection


    Admins will have the right to override the rejected request from any of the rejection stages. Admin will see the option to override rejection, and once they reject, "approval update" and "action required" notifications for the next approver, admins, and requestee will be sent.







    Add New Approvers


    In the process, there is also an option to add new approvers to the default approvers list. The names can be searched within the organization, and the selected approver can be dragged and placed anywhere among the list of approvers.


    Once done, the notifications are sent to all the stakeholders assigned.






    Role Based Approvers


    We have the option to add approvers based on roles as well. It can be configured in the "automation rules" section of the workflows. In the approver summary, "roles or approver" can be added by selecting the required role/approver from the dropdown.


    Notes should be added that admins will be notified to add approvers in case of role unavailability. Saving it triggers the rule reflected on the "request summary" page.






    Provisioning and De-provisioning


    Once all approvers approve a request, the task owner will be notified to add the user(s) to the application, post which they can mark the task as completed.


    Doing this will ensure that the employee is added to the application's list of users and that the assigned license is also mapped to the user for the admins to monitor going forward.



    Changelog


    The employee has to keep track of the changes in this process. Hence Zluri introduces a change catalog. The employee can see all the updates on the request made. 


    The approval and rejection from the higher admins, the change in the duration of the basic detail of the license, and the comments added by the admins are all displayed so that the employee is always kept updated on the request's status. 


    Click on View Changelog to view the details:





  • Employee App Store HandBook-Employee View

    Overview:

    The Employee Dashboard Overview Screen is the primary screen that houses users' various features and metrics. It gives an employee a generic view of their organization's and department's SaaS landscape. An employee can request access to a new or existing application/license. They will also be able to view the SaaS applications they use and their usage.

    1.1  Application Launcher: 

    Zluri Employee Dashboard presents the most important applications in this section, which are broadly classified into the following two categories:

    1. Favourite apps

    2. Most used apps



    Zluri allows employees to mark certain apps as favorites. If the employee has not marked any favorites, Zluri encourages them with recommendations based on the statistics of other employees' choices. 

    App Launcher also displays the most used apps in the organization. This display will help the employee find certain apps they use most. 

    1.2  Data and Activity Dashboard: 

    Below the App Launcher, there are a set of important application parameters. 

    The employees can see the following:

    1. Your apps - Total number of applications used by an employee

    2. In Your Department - Number of apps used in your department

    3. In your organization - Number of apps used in your organization

    4. Desktop Agent Status

    5. Browser Agent Status

    6. Provision to Request Access to an Application



    This section not only provides the proper perspective to employees about their application usage but also guides them through a centralized process to register their application/license requirements and any relevant documents. 

    One more data point at the bottom of the page: App-wise usage. It represents the monthly app-wise usage percentage of the application that you are using.



    Applications

    2.1 Application Segregation:

    The applications tab provides a complete overview to the users from an application perspective. 


    Users can view three tabs: 


    1. Applications used within the organization

    2. Applications used within their department

    3. Applications used by that employee


    The employees can see the most used applications within the organization, top app categories, and the applications in the aforementioned categories. 

      




    2.2  Applications Overview:


    Curated information for every application is available on this page. 




    1. Users:  the total number of active users for that particular application is made available to the employees to provide a clear understanding of organization-wide application usage.


    1. Departments: A list of different departments using that particular application is available to the employees. 


    1. App owner: The name of the application owner is also represented here for the employee.


    1. Compliances: List of different compliances that a particular application is certified with, like SOC2, HIPAA, etc.


    1. Status: Represents the status of the application, whether active or not, in the organization.


    1. Authorization: the authorization status of each application is also provided. Applications could be managed on either a central level, team level, or individual level or unmanaged, providing an employee with the organizational outlook for that particular application.


    1. Risk Level: Represents the risk level of the application like Low, High, etc.


    1. Risk Score: This represents the risk score for each application. It is calculated from various parameters like security events, compliance, security probes, and data shared.


    1. Threat Level: the recent security events from around the globe for that particular application is made available to keep employees informed.


    1. Security and Compliance:  risk and threat levels are made available after thorough and careful analysis. The compliance information is easily accessible for every application to provide a complete security overview for users.


    1. Similar Applications:  a list of similar applications used by other organization members is provided. This goes a long way to prevent purchasing different applications for the same use case.


    1. Alternate Applications:  a list of alternate applications in a similar category is provided to give employees a complete perspective while considering any application.


    App Requisition

    3.1 Request access to an application


    An employee can request access to a new or existing application from the Overview page, Individual Application page, or App Requisition page. 


    Overview page:




    Individual Application Page:




    App requisition Page:




    All paths will lead to the below screens, where an employee can select the application, enter the required details and complete the access procedure. Detailed steps below:



    Step 1: The employee must fill out the application name and click Continue.


    Step 2: When the user clicks on the continue button, Zluri prompts similar applicationsThe user can choose to go for the recommended apps or ignore the recommendations and continue with the request process. 



    Step 3: A page containing the detailed version of the request is generated where the employee has to describe their need for the request. The employee can also upload the necessary documents required to justify their needs. 



    Step 4: Employees can check the "Need more than one license" option if their colleagues also require access to the same application and enter the number of licenses and names of the users they are requesting licenses for.



    Step 5 After entering all the details, the user can click on Confirm Request to submit the request.




    3.2 Requests View


    The employee dashboard has a provision to view all access requests. This page contains all the essential details regarding the access request status. This view provision also displays the request status, helping the employees keep track of all the requests. The employee can also add new requests from this page, which is proof of a seamless UI experience. 



    Employees who want to view or cancel the submitted requests can click on the menu option at the right of each request. 



    They can see the submitted request once they click on the View Request. They can also view the request status by clicking the View Changelog button.




    3.3 Approvals View


    The employee dashboard also has a provision to view all the approvals of licenses or applications. If the employee is tagged as an approver for any request, they can view the Approvals page and take action.



    Inside the request details, an employee will be able to view all the details necessary for them to approve or reject the request and also some other information like View Changelog, whether the app is used in the org or not, other approvers for this request, onboarding and offboarding actions, and comments by others.



  • Can you give me the list of actions permitted by the Security permission in Zluri?

    The security admin role provides access to the security, reports and application page of Zluri. They cannot access transactions, spends, licenses, integrations & workflow modules.

    The snapshot is attached for reference.


    You will find this by navigating here:

    Settings>Administration>Select Permission.

Can’t find what you are looking for? Let us help you!

category image

Settings

These articles explain the general settings in your Zluri workspace.