Types of Accounts

At OS33/Workplace, we take security very seriously. Many of our clients work with sensitive and regulated information and rely on us to keep their data secure. The Websites feature is designed to let users use secure passwords and sign you in with one click once they're inside the secure perimeter of Workplace. 

Let's take a look at the different types of Accounts, which are websites with an attached authentication. 

Employee-Controlled Accounts

Employee-Controlled Accounts are accounts where the end-user manages the administration of the account on the web application.  

With Employee-Controlled Accounts, the user can be aware of the username and password needed to access the SaaS application.

Company Managers can assign users to firm-specific Employee-Controlled Accounts. When assigned, the account will be listed on the user's website list.  However, since Workplace requires the credentials of the user for the SaaS application, the saved bookmark may not function correctly until valid credentials are saved by the Company Manager or the User.

If a user is unassigned from an Employee-Controlled Account, additional steps need to be taken within the SaaS application to fully disable the account.

Company-Controlled Accounts

Company-Controlled Accounts are accounts in SaaS applications where the administrators in the firm or organization manage access to the SaaS application by using Security Assertion Markup Language (SAML).

SAML is a form of single-sign-on used by many enterprise software applications. Unlike other SSO scenarios, where the user’s credentials are passed from one system to the other, SAML integrations transfer the user’s identity securely from the Identity Provider (Workplace) to the Service Provider (web applications such as Fidelity and Salesforce), without the use of a password.

When a user's access to Workplace is disabled, access to the SaaS application is also disabled since Workplace is the Identity Provider.

Was this article helpful?