Allowing Account Access

This article explains how to manage the Account Access for your Cato account and allow Cato Sales Engineers, Customer Success, and other representatives to make changes to your account.

Overview

As part of industry-standard best practices, Cato's Role Based Access Control (RBAC) lets you limit admin permissions for your account and only provide the minimum access level to Cato Management Application admins. Similarly, sometimes you may need professional advice from Cato PS or CS and it's necessary to allow them to view settings in your account. Use the Account Access page to manage access to your account for Cato PS, CS, and other employees.

The Cato Resource Access ID (CRA ID) is a unique ID that you use to grant access to your account.

Cato Support Accessing Accounts

When you open Cato Support tickets, you are granting read-only access for the Cato Support engineers to your account. The Account Access feature isn't used to manage access for Cato Support engineers.

Sample Account Access Use Cases

These are some examples where an admin for a Cato customer gives temporary access to the account using the Account Access page.

Customer Needs Advice from Cato SE

In this sample use case, a customer needs assistance from a Cato SE to review the settings for their account.

  1. Admin contacts Cato SE to review their account settings.

  2. Cato SE sends their CRA ID to the admin.

  3. Admin creates an account access rule for the Cato SE:

    1. (Optional) Enter a Reason for the access.

    2. Define the Time Range that is required for this change. After this time, the Cato SE no longer has access to the account.

    3. Define the admin role (Roles & Permissions) for the Cato SE.

      You can define a predefined role or a dedicated Account Control role.

  4. Admin updates the Cato SE that they now have read-only access to the account in the Cato Management Application.

Cato SE Initiates Request for Account Access

In this sample use case, a Cato SE (account manager) contacts the head of IT for a customer to view the account to give advice for a new feature.

  1. Cato SE contacts the admin that is the head of the IT department and requests access to specific pages to help change account settings.

  2. Admin reviews the request and approves it.

  3. Cato SE sends their CRA ID to the admin.

  4. Admin creates an account access rule for the Cato SE:

    1. (Optional) Enter a Reason for the access.

    2. Define the Time Range that is required for this change. After this time, the Cato SE no longer has access to the account.

    3. Define the Roles & Permissions for the pages that the Cato SE requested.

  5. Admin updates the Cato SE that they now have read-only access to the account in the Cato Management Application.

Granting Account Access to a Cato Account Representative

When you receive the CRA ID from a Cato account representative, create a new Account Access rule for that person. Define the Time Range that the Cato account representative has permissions to access your account. Then select the Roles & Permissions that determine which Cato Management Application pages they can view and edit. You can define admin access for a predefined role or a dedicated Account Control role. For more information about admin roles, see Configuring Roles and Permissions for Admins (RBAC).

You can edit the Account Access rule to update the settings or delete the rule to revoke permissions. The Audit Trail records when an Account Access rule is created, updated, or deleted.

Best Practice: Only allow access for the required amount of time and select a role with the minimal permissions for pages in the Cato Management Application.

AccountAccess.png

To grant account access to a Cato representative:

  1. From the navigation menu, click Administration > Account Access.

  2. Click New. The New Access panel opens.

  3. Configure the settings to Grant Access to the Cato representative:

    1. Paste the CRA ID that you received, and click Apply.

      The CRA ID is verified, and the admin information is automatically updated.

    2. (Optional) Enter the Reason you're granting access to the account.

  4. Define the Time Range that they will have access to your account.

  5. In Roles & Permissions, select one or more roles for the Cato Management Application.

  6. Click Save. The Account Access rule is added to the page, and the Cato representative can access the account.

Was this article helpful?

1 out of 1 found this helpful

0 comments

Add your comment