Orchestration Workspace

Prev Next

The Orchestration Workspace is designed to represent all current connections to SaaS Applications and list all Policy Orchestration Points (POPs) available within the Environment.

SaaS Authorization Management provides out-of-the-box support to leading SaaS vendors and is managed within the Orchestration Workspace.. It enables the Platform to integrate with SaaS vendors to provide standardization and centralized Authorization management while supporting distributed deployment across the organization’s technology stack.

The Orchestration Workspace is used to discover, map, and manage SaaS vendor authorization policies using the vendor's native APIs. It allows your organization to centralize control over Policies originating in third-party applications, while still respecting the structure and constraints of each vendor's authorization model.

Each Orchestration Workspace includes:

  • A list of Policy Orchestration Points (POPs) that define the integration between your Platform Tenant and a specific vendor tenant.
  • A view of the Vendor Policies and Objects discovered through the connection.
  • Tools to discover, manage, and sync Authorization Policies between systems.
Additional Information

For more on POPs, see Managing POPs.
For details on supported vendors and authorizers, see SaaS Authorization Management.

Permissions

The Permissions tab enables you to apply access rights to various levels of the Platform. There are two levels of access permissions: 

Admins have full administrative capabilities within the Environment to create, modify, and delete entities at that level

Viewers have access to a full view of all data-related objects managed within the Environment.

Note: Permissions can only be defined when using an external IDP.  Changes affecting Permissions may take up to 15 minutes to take effect in the Platform.

For more information, see  Platform Permissions.


Creating an Orchestration Workspace

To begin using SaaS Authorization Management, you first need to create an Orchestration Workspace. By default, Environment do not have an Orchestration Workspace. They must be created manually.

Once you have created the Orchestration Workspace, you can manage POPs. Initially, when an Orchestration Workspace is created, the Workspace will be empty, as no POPs have been created yet. Refer to Managing POPs for instructions on how to create a POP.


Workspace Layout and Actions

When accessing an Orchestration Workspace, you can:

This streamlined environment helps ensure consistency and traceability across authorization models, regardless of the vendor’s native structure.