Setting up Automatic User Access with KaseyaOne for Graphus

Introduction

Once you have enabled KaseyaOne Unified Login for your organization, you can automatically allow KaseyaOne users access to Graphus without the need to create a separate Graphus user account. This feature is enabled in Graphus with the Automatic User Access feature on the KaseyaOne tab on the MSP Administration page.

NOTE When the Enable Log In With KaseyaOne toggle is enabled, all users from KaseyaOne can log into Graphus using KaseyaOne Unified Login.

Pre-Requisites

You must be a partner administrator for Graphus and KaseyaOne with valid login credentials for each. If you don't have one, contact your administrator.
To activate, a unified login KaseyaOne Master user and a local Graphus portal admin user are required.
The Enable Log In with KaseyaOne toggle must be activated and have an active mapping with a KaseyaOne account before the Automatic User Access feature can be activated.
The Automatic User Access feature can be enabled by the MSP admin provided they have enabled Log in with KaseyaOne for the MSP.

Automatic User Access

When Automatic User Access is enabled on the KaseyaOne > Admin Settings page, KaseyaOne users will be able to access Graphus without the need to create a separate Graphus user account.

This applies when a user attempts to log into Graphus on the Graphus login page using their KaseyaOne account credentials or tries to access Graphus from the KaseyaOne site page.

Additionally, you must select a default access role when using the Automatic User Access functionality. This role is automatically assigned to the newly generated users.

User Management for Automatic User Access Users

Once the KaseyaOne user is given access to the Graphus product through the Automatic User Access feature, the user will appear on the MSP Administration > User Management page, on the KaseyaOne Users tab. The KaseyaOne Users tab displays only users created via Automatic User Access.

You have the ability to create local users from the KaseyaOne Users tab using the Create local user icon.

When doing so, the user will be removed from the KaseyaOne Users table and added to the Local Users table. The user will only be able to log into Graphus locally using their Graphus credentials.

NOTE The Local Users tab contains the list of Graphus users that were created locally.

Activity Log for Automatic User Access Users

The Activity Log is a dedicated page within the MSP Administration page where administrators can view a chronological record of activities performed by users. It serves as a comprehensive log that captures various actions taken within the application.

The purpose of the Activity Log is to offer transparency and visibility into the operations occurring within the Graphus platform. This feature helps administrators and security personnel track changes, troubleshoot issues, and ensure compliance with security and operational policies.

The Activity Log includes entries for both local users and KaseyaOne users. Local users are likely those directly associated with the MSP Administration page, while KaseyaOne users refers to users who access the MSP services through the KaseyaOne platform.

Each log entry typically contains the following information:

Action Time: The timestamp indicating when the specific action was performed. This helps in tracking the timing of events and identifying patterns.
Username: Specifies the email address of the user who initiated the action, providing accountability for each logged event.
Category: Describes the type or nature of the activity performed. This could include actions such as account modifications, configuration changes, or information viewed by the user.

The following are situations in which the Activity Log is useful:

Auditing: The Activity Log serves as a comprehensive audit trail, allowing administrators to review and validate actions taken by users.
Troubleshooting: In the event of issues or discrepancies, administrators can refer to the Activity Log to identify the sequence of events leading up to the problem.
Security monitoring: Monitoring the Activity Log helps detect and respond to unusual or unauthorized actions, enhancing overall system security.
Access Control: Typically, access to the Activity Log is restricted to authorized personnel, ensuring that only designated individuals can review and analyze the recorded information.

To summarize, the Activity Log feature on the MSP administration page provides a valuable tool for maintaining operational integrity, enhancing security, and facilitating efficient management of MSP activities.

How to...

Enable Automatic User Access

From the MSP Administration tab, in the left navigation pane, click KaseyaOne
Verify the Enable Log in with KaseyaOne toggle is activated. If it is not, click the toggle to activate it.
In the Central User Management section, click the Enable Automatic User Access toggle button to activate it.
In the Role drop-down list, ANALYST is selected by default and is the role that will be assigned automatically to each new user. If desired, you can select ADMIN.

Click Save.

Manage KaseyaOne users

In the navigation menu, click User Management.
Click the KaseyaOne Users tab. The KaseyaOne Users tab displays only users created via Automatic User Access.
To create a local user from a user in the KaseyaOne Users table:
1. In the KaseyaOne Users table page, locate the user for whom you want to create as a local user.
2. Hover over the Action column and click the + Create local user icon.
  
  The user is removed from the KaseyaOne Users table and added to the Local Users table.

NOTE When an admin attempts to create a local user via the Add Local User button, Graphus will check if the email address entered for the local user matches an email address in the Local Users table or the KaseyaOne Users table. If it does, Graphus will not create the user and an error message will be displayed.

View the Activity Log

On MSP Administration page, in the navigation menu, click Activity Log.
Click the KaseyaOne Users tab or the Local Users tab.
You can view users' activities in a certain date range. Select a date range and click Apply.
In the upper-right corner, you can click the All Users drop-down list to select a specific user.

This displays only the actions for the selected user.

	Need troubleshooting help? Open the Kaseya Helpdesk.
	Want to talk about it? Head on over to the Community!
	Have an idea for a new feature? Want to learn about upcoming enhancements? Visit the Ideas forum!
	Provide feedback for the Documentation team.