Skip to content
English
Contact us
  • There are no suggestions because the search field is empty.

Access Management

Information on managing access permissions to zapliance solutions

Deploying zapliance solutions on-premises in your environment involves multiple components, each enabling tailored access management. This article explains how user access is configured across these components, highlighting your autonomy in defining and controlling access rights according to your organization's policies and requirements.

You can get an overview of all components along with more information in the articles General Setup zapHome OnPrem and General Setup zapHome OnPrem AI.


Virtual Machine / Server

Access to the virtual machine (VM) or server hosting our solutions is managed by your IT department. They can determine who receives access to the VM/server infrastructure according to internal policies and regulations. 

 

Docker Desktop

Access to Docker Desktop (or Docker environments in general) is also fully controlled by your IT team. It configures Docker permissions and access rights according to internal guidelines, ensuring that only authorized personnel can interact with the containerized environment. This includes managing Docker images, networks, and volumes, all in compliance with the your security policies.

 

zapAnalytics

To access zapAnalytics, you will designate a project admin in coordination with zapliance. Only this designated admin receives a Content Bundle from zapliance, which they upload to the software to create a workspace and, within it, a project. Without a workspace, the software cannot be used (i.e. no projects created, SAP data extracted or processed, results exported etc.). 

The admin can add other users to the workspace in accordance with your regulations and policies. This means that you have full control over user access to zapAnalytics projects. No user can open workspaces, projects or results without being added by the admin.

 

SAP RFC

The RFC user (read-only!) is created by your SAP team. zapliance coordinates the data scope and the necessary reading rights with the project admin, who obtains the necessary internal approvals and engages the SAP team to set up the RFC user.

The RFC user is then added to zapAnalytics by entering the username and password, after which the predefined data for a given project can be extracted from your SAP system.

Data extraction is only possible within a zapAnalytics project. To do so, the project admin needs a Content Bundle (cf. section "zapAnalytics"). No one can utilize the RFC user outside a project to extract data from your SAP system.

What this means: You decide who can extract which data from SAP via RFC within zapAnalytics projects.

 

LibreChat (and other chat interfaces)

Access to chat interfaces such as LibreChat is also controlled by your IT team. Authentication in LibreChat can be handled via SSO/Active Directory, configured by your IT/Microsoft admin. This ensures seamless integration with existing identity management frameworks.

 

Power BI Desktop

Access to Power BI Desktop is managed by your Microsoft/IT admin. Login via SSO through your Microsoft Active Directory or Entra ID (formerly Azure AD) is possible, ensuring compliance with internal policies. 

 

Conclusion

The access management framework for zapliance solutions is fully customer-driven. While zapliance facilitates access to zapAnalytics via a Content Bundle for designated users only, all other access layers - VM/server, Docker Desktop, Power BI, and LibreChat - are exclusively governed by your IT department in accordance with internal policies and identity management systems. This approach ensures flexibility, security, and compliance with your specific security requirements.