In Onna, admins can connect enterprise data sources using their enterprise credentials. However, there may be a case where some admins won't have the proper origin account type to do so. As an Onna admin, you're now able to share admin permissions for enterprise sources with other Onna admins using an Authorized Connection.
For a short video overview of Authorized Connections in Onna, please see below:
Adding Admin Credentials
The Authorized Connections section is a secure place where Onna admins can share source permissions for new sources added to the platform. All Enterprise source permissions can be saved as authorized connections, this includes:
Microsoft Outlook Enterprise
Microsoft Teams Enterprise
Only one Zoom user account could be created due to a Zoom limitation, so if you create a firstname.lastname@example.org connection, you cannot create another one with the same email without impacting the original authorized connection.
Note: Currently, this feature is only available for Onna admins
To add source credentials, access your Authorized Connections by clicking your profile image located in the top right-hand corner.
and selecting 'Authorized Connections' from the menu.
On this screen, you will see any Enterprise Sources that have been added. You can also add additional enterprise sources by clicking Add Admin Credentials, selecting the source you wish to add, and then hit Connect.
Once you hit connect, Onna will redirect to the source OAuth flow. You would need to require specific credentials depending on the source you selected. For example, for Slack Enterprise, we require Slack Org Owner credentials.
Sharing Admin credentials with other users.
As an admin, you can do several actions. Ellipses will appear when you hover your mouse over the source on the top right corner. Clicking on the three dots will provide you the following options:
Share credentials - This allows you to share admin credentials with another user.
Revoke all - Revokes all credentials that have been shared with another user.
Note: By revoking credentials, the source that has been collected using those credentials will stop syncing data into Onna.
To share credentials with another admin, select Share Credentials. You'll be presented with the following window.
You'll have the option to either add a single admin or multiple admins to share your credentials. Once you have selected the admins you wish to share your credentials with, click Share. Once the credentials have been shared, the authorized connections will be updated as follows:
The number of sources, below the user's name, reflects the number of sources that the user has created so far using this connection they have access to. As an admin, you can modify what actions each user can perform using the authorized source via the drop-down menu.
They're three permission levels you can set for each user:
Granted access -Users can only Add and Sync a source with the shared credentials
Declined to add - Users can no longer add and sync any new source. However, the sources that the user has created will continue syncing.
Revoked - Users cannot add or sync any source. All sources that have been created by the user using the shared credentials will stop syncing.
Connecting a source using shared admin credentials
As an admin user, once you have gained access to the source credentials, you're now able to add an enterprise source using the shared credentials. To use the share credentials, Add a new source.
Select the source you'd like to add. In this case, we will select Slack Enterprise.
You will now see the option to add the source by continuing as the admin holder of the account, as indicated above, with the button that says, "Continue as email@example.com." If you select that option you'll be taken straight through to the account details and not need to go through OAuth.
Alternatively, you'll see the option to Switch accounts, which will allow you to switch the account you'd like to use to add the source. Connecting with another account will take you through the standard OAuth Slack flow for that account.
Once the source has been added, the original credential holder will be able to see the number of sources you have added to the source using their credentials, as indicated in the screenshot below.
Sharing Account Permissions with Authorized Connections FAQ's
If the password of an account is changed will I have to update it in Authorized connections?
No, Onna does not store your password information. It creates a token that allows access to the account. You will not need to update the password unless you go through the OAuth flow again.
Is there an Expiration Date for an Authorized Connection?
No, currently an Authorized Connection will be in place until you manually revoke the permission in Onna.
What do we do if the source owner who created the authorized connection leaves the organization? What will happen to the data sources using the authorized connection?
In the event that the source owner leaves the organization, resulting in the authorized connection becoming invalid, you can create a new authorized connection for your enterprise source. Afterward, please contact Onna support with the Enterprise source and creator email address for the new authorized connection. The Onna support can transfer the invalid authorized connections to the new one for the affected data sources.
To minimize this issue, we recommend that you avoid using personal accounts to set up your authorized connections in Onna.