This article outlines the main steps to start setting up 1Password SaaS Manager for your organization. Before you begin, sign up for a free trial. If someone else at your organization has already signed up, you'll be added to the existing account for your organization.
If you're not sure whether your organization already has an account in 1Password SaaS Manager, contact us.
Get started
The first step towards SaaS management is to your apps and determine the people that use them. The best way to do this is by connecting SaaS Manager to your organization's Identity Provider (IdP). You can also import an existing list of apps.
From your SaaS Manager dashboard, select Get started to be guided through the process.
Connect your Identity provider (IdP)
SaaS Manager works best when integrated with your identity provider (IdP). This allows SaaS Manager to automatically discover and synchronize all people in your organization, and identify many of the apps that they are using. You can connect as many IdPs as you need.
Common IdPs include Google Workspace (formerly G Suite), Microsoft Entra ID (formerly Azure AD), and Okta. You'll need administrator access to your IdP to integrate it with SaaS Manager.
When an admin logs in for the first time, they'll see an onboarding wizard they can use to streamline connection of one or more IdPs directly from the dashboard. After an IdP is connected, the connection status will be shown (Importing, Failed, or Complete). The dashboard then updates in real time as apps and people are discovered from the IdP, so the admin can move onto next steps in the onboarding flow.
Review settings
After an IdP is connected, admins can review critical settings such as lifecycle source, team source, and person type rules. These settings help improve data quality and inform insights. SaaS Manager applies defaults, but you can adjust them during this step or change them later under Settings.
-
Lifecycle source - the onboarding wizard decides the default for this based on the following logic:
- If Okta is connected, it becomes the default.
- If Okta isn't connect, the first connected IdP becomes the default.
- Person type rules - the onboarding wizard includes information about person type rules and links to settings where you can review and customize these options.
- Team source - the onboarding wizard applies "Manual or groups" by default, or you can select your team source.
After critical settings are selected, you can start connecting apps.
Connect to apps
After you establish your settings, you can start connecting apps. The onboarding wizard will surface recommended apps, based on your IdP, lifecycle source, and other settings, which you can then connect directly. Each recommended app will include the number of accounts discovered and a brief explanation of why it's recommended. For example, "Google Workspace often contains leavers who still have access and need offboarding." App recommendations can be dismissed.
Select a recommended app to see that app's integration page. After you connect to an app, you'll be directed back to the dashboard. From the dashboard, you can view information on license optimization and other account information, such as total number of accounts and underutilized accounts. This helps you make sure company resources are being appropriately utilized.
For more information on connecting apps and the App Catalog, see Triage the App Catalog and Discover and manage more apps.
Import your existing inventory
Optionally, you can also import an existing inventory of apps from a wiki, spreadsheet, or other software tool. Paste in the names of the apps as a comma-separated or newline-separated list.
Combine discovery sources
After you've finished these steps, you'll be shown a summary of the results from each source.
For larger organizations, it can take up to 30 minutes to complete discovery. The Results page displays live progress.
SaaS Manager combines the information from your sources into a single inventory of apps and a directory of people. Select Finish to view the results of this on your dashboard.
Next steps
After you've connected SaaS Manager to your IdP, the next step is to start triaging your apps. From the navigation pane, select Applications to open the Apps catalog and view the list of apps that SaaS Manager has identified so far. Use the filters to start triaging the inventory, updating the status of apps, and assigning owners of specific apps. For more information, see Triage the App Catalog.
To give other members of your team or the wider organization access to SaaS Manager, we recommend you configure SAML-based single sign-on via your IdP so that they can log in easily. Alternatively, you can turn on use requests or invite individuals from the People directory.
Comments
0 comments
Please sign in to leave a comment.