Account Note: This tab is only available to users with account holder credentials. In a Nutshell It is in the Account tab where you can view account information. It is an Account to which Companies and Users are assigned, and to which subscription billing information is sent. Account Access App Name & Module Client ID Who needs this? Abbreviation Knowledge Management - Checklist Instances checklist-data-collector Backoffice engineers, dispatchers or technicians who want to fill in checklists from a Web Application accessable from WFM or KM CDC Store store2 Backoffice engineers responsible for setting user group permissions. STORE Workforce Management - Time & Material time-material-journal Dispatchers, team leads or project managers who review and approve recording for time and material TM A Closer Look When you navigate to the Account tab, you will see the following information: Field Description ID The unique ID of the account. This value is automatically generated by the application. Name The name associated with the account. Email The email address associated with the account. Cluster The server cluster associated with the account (note: all trial accounts use the Ireland-based server cluster). Login Enabled Yes or No. When yes, the user associated with the account will be able to login. Password Encrypted. Password Expiry Date The expiration date of the account password. Password Status The current status of the password. Roles The role assigned to the account. Examples include: USER, SUPERUSER, EXTERNAL_USER. Maintenance Created The date on which the account was created. Updated The last date/time on which the account was updated. Active True or false. When true, the account is currently in use and perform application activities. Deleted True or false. When deleted, it will display True and remain available for historical record-keeping purposes. Audit Logs True or false. When active, audit logs will be created. Security Clients (legacy API) If applicable, the clients associated with the legacy API. Clients (OAuth2 API) If applicable, the clients associated with API that uses OAuth2 for authentication. Minimum Client Version Define minimum versions required for different clients. In case a specific client application is not defined here access is allowed for any client application version. Please see the mimumum client version section below for more information. Default SAML Configuration If applicable. For more information on SAML, please refer to the following topic on Federated Authentication Email Login Supported When ON, users can enter the email address associated with the user/account to access the application. Login Enabled ON or OFF. When OFF, loginng into Admin is only possible with User credentials. When ON, logging into Admin with account credentials is possible. ATTENTION: To be able to manage the account assign at least one user to the SUPERUSER role before disabling this flag. Otherwise, you will no longer be able to manage your account.. Legacy Password Hash Supported ON or OFF. When ON legacy passwords generated using hash will be supported. Legacy Authentication Log-In Supported ON or OFF. When OFF, API access using old Authentication (just username / password) is not possible anymore for your account. Client Authentication Throttling ON or OFF. When ON, the application will throttle user login after unsuccessful login attempts when the OAuth clientID / secret are incorrect. Strict Data Access ON or OFF. When ON, this prevents everybody but the users associated with your account from accessing data. ATTENTION: this includes Coresystems Support and therefore can slow down the support process. Use External Access to grant support access to your account. Wrong Password Attempts The number of wrong password attempts that can be entered. Roles The following roles can be assigned to users: Role Description Access to Admin App USER This role provides access to Coresystems Apps. No SUPERUSER Same privileges in Admin as when login in with account credentials / used to manage the Account. Yes EXTERNAL_USER Same privileges as USER, only for grouping purposes. No Minimum Client Version In the Account tab of the Admin module, you can define which minimum app version can be used for mobile and web-based applications. This can be used to ensure that users are using the latest version possible, or a version specific to desired functionality. To configure or update an minimum client version, you must Edit the account configuration. Field Description ID The client ID Name The name of the account. Email The email address of the primary account holder. Clients (Legacy API) If applicable, the clients associated with the legacy API. Clients (OAuth2 API) If applicable, the clients associated with API that uses OAuth2 for authentication. Client IDs A minimum version can be configured for the following clients: App Name Short Description Client Id Administration Admin admin Analytics & Reporting AR reporting Configuration CO or Config configuration Data Loader DL data-loader Knowledge Management KM knowledge-management Map Map map2 Market Place MP (TBC) marketplace Master Data Management MDM master-data-management Mobile Field Service App - Android Android android Mobile Field Service App - iOS iOS ios Mobile Field Service App - Windows Windows windows Project Management PM project-management Report Designer (JasperSoft Plugin) RD reportdesigner Scribe Integration SI scribe Service Crowd SC (TBC) service-crowd Sign Up SU sign-up System Monitoring SM monitoring Workforce Management WFM workforce-management Zapier Integration ZI zapier This Client ID can be entered into the client ID field, after which a minimum version can be set for it in the field beside it (example: 6.0.0). Notes Description Impact Under “Clients (legacy API)” the following description is displayed: “Define which clients using the legacy API are allowed to access the specific account. This list is exclusive for all clients using the legacy API.” This setting does not have any effect on updated clients using the recommended oAuth2 API. Under the “Clients (OAuth2 API)” the following description is displayed: “Define the allowed IP ranges of client ids. This list is exclusive which means access is only possible for the clients and IP ranges defined here. In case only one client application is defined here, the access is disabled for all other clients. Under the “Minimum Client Versions” the following description is displayed: “Define minimum versions required for different clients. In case a specific client application is not defined here access is allowed for any client application version. Generating Client ID and Secret A client ID and secret used for custom integrations can be generated by completing the following steps: Navigate to Admin > Account > Client. Select the create option in the top-right corner: The application will then redirect to the following view, where you can enter a client ID and a client secret: When complete, select Save. This information can now be used in the authorization grant of an authorization request.