In the Administration application, it is possible to configure global system settings. Application-specific settings are managed in the corresponding application.
In general tabulator, the following information can be found:
- Application page title (in browser): enter the text that will be added to the title in the browser toolbar. The entered page title text is added to the currently visited page of the application.
- Logo shown in Reports: Click the selection button to specify or edit the location of an image that should be used as a company logo for reports.
- Prefix for custom Schema Objects: This prefix is used when a new data definition or configuration item is created as part of customization.
- Feedback Enabled: Enable this option to activate the customer feedback form shown in the application header.
- Open Edit Dialog (read-only) in case Preview is not available: Enable this option to open Edit dialog instead of Preview whenever Preview is not available (preview displaying is not enabled, not available for the application or restricted by the user permissions). A Dialog will be opened in read-only mode with all the actions that should have been available for the respective Preview, so it will look like Preview.
- Database Server, Database Name and Database Account: These are the non-editable fields pertaining to the Web server access to the database.
- Version: the current version of the Matrix42 platform is shown in the global setting preview page.
Secure Token Service
Configure application login and user authorization options. Select the necessary checkboxes to enable the following login options:
|1. Single sign-on enabled||
Select only this check-box to call the Windows Authentication login form. The authentication form is shown on top of the standard login page of the Matrix42 Software Asset & Service Management:
|2. Browser credentials enabled||
Allows to login using cached login credentials. Enables "Use Browser Credentials" button on the application login page:
|3. SAML2 enabled||
Activates SAML2 in the application.
When application login with enabled SAML2 and Single Sign On fails or results in an error message due to outdated or incorrect SAML configuration use the force login page to bypass the error and adjust the secure token service login settings:
To log in with your valid credentials add the force login page parameter to your URL:
For more information see the SAML2 configuration guide page.
|4. Use Matrix42 MyWorkspace||Access is configured in a dedicated area of the Administration application, as described below.|
- Mailing Enabled: Activate or deactivate e-mail traffic.
- SMTP Server: Name of the e-mail server.
- Default Sender: Sender address for e-mails. By default, e-mails triggered by the compliance rules are sent from this address. Send E-mail action e-mails use default notification settings of the Service Desk.
- Mode: Use this field to specify the e-mails sending mode:
- Send E-mail (default): e-mails are sent directly to the recipients and not stored. Failed or Not Sent e-mails are stored in the system database (SPSEmailClassBase Data Definition) and shown on the E-mails page of the Administration application. Once successfully sent, the e-mails are no longer available in the database and consequently on the E-mails page;
- Send E-mail and store it in the Database: all e-mails regardless of e-mail status are saved in the database are stored in the SPSEmailClassBase Data Definition and displayed on the E-mails page;
- Write E-mails to Specified Folder: all e-mails are saved in the specified folder of the application server. This option requires the path to the e-mail folder.
- E-mail Folder: folder in which your e-mails are stored on the application server.
- Use SMTP Authentication: Select this checkbox if you want to log on to the SMTP server with a user account and select one of the options as provided below.
- Use Integrated Security (Use Service Account): Select this option if you want to log on to the SMTP server with an internal service account of Matrix42 Workspace Management.
- Use following Credentials: Select this option if you want to log on to the SMTP server with your network account and fill out the credentials.
- Account: User account with which you log on to the mail server.
- Password: Password with which you log on to the mail server.
- Use SSL: Select this checkbox if you want to use a secure SSL connection to send e-mails.
- Use Network Credentials container to pass credentials: Select this checkbox if your system environment requires this special way of transferring login information to the SMTP server.
- Software Asset & Service Management URL: If e-mails contain links to the console, this URL is used. By default, the fully qualified name of the server is included in the URL. However, if the application can only be called by using the short name, this name should be specified here.
- Software Asset & Service Management URL for UUX: If e-mails contain links to the UUX, this URL is used. By default, the fully qualified name of the server is included in the URL. However, if the application can only be called by using the short name, this name should be specified here.
- Recipients In Single Mail: Maximum number of e-mail addresses that can be specified as recipients in a single e-mail. For example, if you want to send an e-mail to 100 people and 20 was entered in this field, then five e-mails are sent, and each of these five e-mails is sent to 20 recipients.
- Max Threads: Maximum number of e-mails that the e-mail robot can process simultaneously.
- Skip Threshold: Maximum number of recipients per e-mail. The e-mail will not be sent if this number is exceeded. If the number of recipients is unlimited, enter 0.
- Attempts to Send: Specify the number of unsuccessful e-mail sending attempts. When this number is exceeded, the status of e-mails on the E-mails page is set to Failed.
- Clean Up Mails after (Days): After the number of days (default value is 90) that is specified in this field, all e-mails stored in the database will be deleted. If this field is empty, the e-mails are never deleted.
Integration: Matrix42 Accounts Integration settings enable the Matrix42 Accounts Data Provider to import Matrix42 Accounts.
- Enterprise Name: The name of your company as has been specified on your company's user profile page at https://accounts.matrix42.com/ when creating an access token.
- Server: The API server used to access Matrix42 Accounts.
- Access Token: Access token that needs to be generated manually on your company's user profile page at https://accounts.matrix42.com/.
Single Sign-On settings enable log-in to the Matrix42 Workspace Management with a Matrix42 Account:
- Enabled: Select the checkbox to enable the ability to log in to Matrix42 Workspace Management with a Matrix42 Account.
- Scope, Client Id, Client Secret: After your application has been registered with Matrix42 Access Control System (ACS) by the ACS service administrator, you will receive the scope, client ID, and client secret values. The scope, client ID, and client secret are used by the application each time a user selects to be logged in by using their Matrix42 Account. If this data is valid and the corresponding account has been previously imported by the Matrix42 Accounts Data Provider, ACS authenticates the user and logs in the user to Matrix42 Workspace Management.
These settings relate to the system services of Matrix42 Workspace Management. They can be changed only after you have consulted Matrix42.
Basic settings for support of Facebook, Twitter and push notifications for Matrix42 mobile application.
- Facebook is Available: enable the check-box and configure access to the company's Facebook account:
- Facebook Alias: username or the alias of the page;
- Facebook Access Token: an access token is needed any time the application calls the Facebook API. Access tokens are obtained via a number of methods, as described in the Facebook for Developers documentation.
- Twitter is Available: enable the check-box and configure access to the company's Twitter account. All fields are mandatory:
- Twitter Access Secret: authorization password, used with the Access Token every time the client (in this case the mobile application) wants to access the data.
- Twitter Access Token: is issued to the client once the client successfully authenticates using the Consumer Key and Consumer Secret. Access Token defines the privileges of the client and what data the client can and cannot access;
- Twitter Consumer Key: API key associated with the Twitter application. ;
- Twitter Consumer Secret: the client password that is used to authenticate with the Twitter authentication server;
- Twitter Alias: the account's screen name, handle, or alias;
- Show address field in Contacts:
Configured social media access delivers the latest news from the company's Facebook and Twitter accounts to the News page of the Matrix42 mobile application.
- Enabled: enable the check-box and configure the push notifications.
- Setup push notifications: click this button and follow the instructions to generate the access token and enable push notifications on the mobile devices.
- Server URL: push notifications server URL address.
Push notifications should also be enabled in:
- Order Approval related workflow activities:
- Additionally configured for the news and posts from the enabled Facebook and Twitter social media accounts:
- Lock accounts after failed login attempts: Select this checkbox to make user accounts unavailable after a certain number of unsuccessful logins to the Matrix42 Self Service Portal or the Matrix42 Workspace Management Console.
- Number of failed attempts: Number of unsuccessful login attempts after which the accounts should be locked. This field becomes active after you select the Lock accounts after failed login attempts check-box.
- Enable automatic accounts unlocking: Select this checkbox if you want the system to automatically unlock the previously locked accounts. This checkbox becomes active after you select the Lock accounts after failed login attempts checkbox.
- Time until automatic unlock: Time period (in minutes) that should pass after an account has been locked and until it will be automatically unlocked. This field becomes active after you select the Enable automatic accounts unlocking checkbox.
- Enable session lifetime (in hours): Select this checkbox if you want your session to last a specific number of hours.
- Session lifetime: Number of hours for session lifetime. This field becomes active after you select the Enable session lifetime (in hours) checkbox.
- Default UI Language: Default language of the Matrix42 Workspace Management user interface.
- Supported User Languages: Languages into which the Matrix42 Workspace Management user interface is currently localized.
- Default Mail Language: Default language of the e-mails that are sent within Matrix42 Workspace Management.
- Supported Mail Languages: Languages that can be used in e-mails that are sent within Matrix42 Workspace Management.
Choose one of the suggested options for the Workflow Engine Definition:
- Use legacy Workflow Engine (AppFabric): The System uses AppFabric for processing Workflow commands.
[TECHNICAL PREVIEW] Use Workflow Worker together with Legacy Workflow Engine (AppFabric): This option combines two workflow processing methods and is considered as an interim solution before the complete and ultimate migration to the new engine using Workflow Workers. The System uses Workflow Workers for starting and processing all Workflows marked as “Use Workflow Worker”. Workflows that are either incompatible or have already been started on legacy Workflow Engine will keep using AppFabric for execution.
This option requires additional configuration of the Workflow Worker:
Enabled: select the checkbox to enable the new workflow processes running on the Cloud Workflow Worker;
Workflow Worker Deployment Ring: deployment rings provide the way to separate the Workflow Worker service users into deployment groups. Each deployment ring reduces the risk of issues derived from the deployment of the features and updates by firstly aiming at the most adaptable users who are willing to use the latest updates as soon as possible and gradually extending the targeted audience to those who are the least adaptable for the changes and tend to minimize the risks that might be caused by any system update.
Early Adopters: receive new builds first and often early, even before the update is deployed broadly across the organization;
Technical Preview: intermediate stage;
Release: broadly deployed and stable release version.
Server connection and authentication settings fields:
Application Server Token User
Authentication Server URL
Click "Setup Authentication" button and follow the instructions to get the necessary connection credentials.
Technical Preview implementation must not be used in production.
Use Workflow Worker: The System uses only Workflow Workers to execute all kinds of Workflow operations.