SOBO - where are the settings in admin? - docusignapi

From the documentation, where exactly is the settings for these 2 in the admin site?
Users who want to authenticate on behalf of other account users must have the following settings enabled to use SOBO:
apiAccountWideAccess
allowSendOnBehalfOf
If you are setting user permissions through the DocuSign web console these correspond to the Account-Wide Rights and Send On Behalf Of Rights (API) settings.

I had to switch to "Classic" version of Admin to find it. Hit the dropdown under your picture and choose Preferences. From there, it is under the permissions tab.

Related

Unable to access Docusign Admin

Recently we have purchased a production account. I have logged into the account as Account Administrator but I am unable to see Docusign Admin. This was not the case for the developer account where it was already present from beforehand.
I need it as I have to add an organisation.
Below I have added a picture of how it looks in dev account.
So, most likely you have someone else in your company who is the admin. You will to find out who that is.
Every account has to have one admin at all times. You don't see to have administrative rights, but someone else may have.
If not, or if you don't know who that is - you will need to contact customer support to get this restored and take over as admin.
Another option is that you have multiple accounts in production. Meaning, when you log in, your user is a member of more than one account. You need to switch accounts. That switcher is an option on the right-top menu.
If you had "Admin" in Demo, then someone had to add that as it is not provided by default. Admin tools (Org Management and Access Management w/ SSO) are only included in the Enterprise Pro plan. For Business Pro or Standard plans, it is a paid add-on. Check to see if your account is an Enterprise Pro plan.
Also, if your company already has Org Mgmt, a "DocuSign Admin" (org, not account admin) needs to link this new account to the Org.

Method to "Intervene" after a login, to force user to update contact info

Every 3 months, we have a requirement to force a user to an app to update their contact info (this is an in-house app, and we also will have situation that is an app to update emergency alert phone and email addresses) before they can access any other apps on the onelogin dashboard. Once a user has updated their info, then they can access the onelogin dashboard as usual. Do you have any examples or provide any ideas of how this could be done?
An account administrator can log into their companies onelogin portal.
In the upper right hand corner there is link Administration click it.
In the administration panel hover over the Security tab and select Policies when it appears.
Start a new policy. On the left side there is a tab Password. This allows you to enforce the password age policy.
Once the policy has been configured, it just needs to be applied to the users.

API Permission Status not granted warning in Azure AD Application API Permission

In the below image as you could see I'm getting the warning,
"Not granted for SKCET Corporation Private Limited",
what should I do to remove it ?
A Global Administrator would need to go to that page and click Grant admin consent button.
You can see the documentation on admin consent here: https://learn.microsoft.com/en-us/azure/active-directory/manage-apps/grant-admin-consent
Make sure that if you're the only one or just opened the account that you are an admin on Microsoft 365.
You will need to add a TXT record in your DNS settings (F.e. Route53 - AWS)
https://learn.microsoft.com/en-us/microsoft-365/admin/misc/become-the-admin?view=o365-worldwide
Once that is verified you will automatically be a global administrator and then you will have access to all admin features.
Then just click on the small hard to see in grey here:

Microsoft Graph Api User.Read.All Not granted for my domain

I am getting the following error or status Not granted for my domain. see the attached document
Is this because my role is User?
I tried to find who is Azure AD Global Administrator?
I followed the following steps:
Log into the Azure Portal (https://portal.azure.com).
Click on Azure Active Directory
Click on Roles and administrators
Click on Global administrator
Under Global administrator it says Microsoft Office 365 Portal
what does it mean?
How can I or someone else in organization become Global administrator?
I want API permissions->User.Read.All Not granted for mydomain
PS: My email is work email.
Update 1
My role is user
Update 2
Global administrator - Assignments say's Microsoft Office 365 Portal is my Admin. How to get these credentials?
I was similiarly frustrated here: it's very hard to spot, however you'll notice that the 'grant admin consent for -' is reset on every update to permissions.
Therefore: simply re-tick this and wait a few seconds for the warnings to disappear.
I too thought I was missing a step elsewhere, very misleading!
For User.Read.All permission you should have Admin Consent which a User cannot avail.
You should have either Global Admin or Application administrator credentials.
Permission Required:
Please refer to this official document Permission details
Admin Credentials:
For Admin credentials details refer to this document
Office 365 Admin Role Assignment:
Hope this will help. Let me know if you have any more concern.
Make sure that if you're the only one or just opened the account that you are an admin on Microsoft 365.
You will need to add a TXT record in your DNS settings (F.e. Route53 - AWS) https://learn.microsoft.com/en-us/microsoft-365/admin/misc/become-the-admin?view=o365-worldwide
Once that is verified you will automatically be a global administrator and then you will have access to all admin features.
Go back to Azure and then just click on the small hard to see in grey here:

Netsuite SuiteCloud IDE How to setup administrator user to not have two-factor authentication

I would like to use the NetSuite SuiteCloud IDE (Eclipse plugin), but I am also an Administrator. If you're an Administrator NetSuite requires you to have two factor authentication enabled, but if you want to use the SuiteCloud IDE you can't have two factor authentication enabled. How does one get out of this Catch-22?
I'm new to NetSuite so I don't know much about setting up roles. Do I just add another role with full permissions (or what permissions are needed?)? How would the SuiteCloud IDE know to use that role? Or do I have to create myself as an employee twice with different emails (this would be bad since we don't have many users)?
NetSuite has enabled and made mandatory 2FA for Administrators, so in order to use SuiteCloud Plugin, you will have to use role other than Administrator.
do I have to create myself as an employee twice with different emails
No, you can assign multiple roles to single user and then select that role in SuiteCloud Plugin.
I haven't used SuiteCloud plugin for a long time, but I think NetSuite has added feature to login using TBA.(not 100% sure though)
How would the SuiteCloud IDE know to use that role?
When you provide your creds in Eclipse, it specifies all the accounts and roles that are assigned to the current user, so you can select any role except administrator which has access to file cabinet.
You'll need to enable two-factor authentication for your administrator role, or, create another role for development and use that. (Preferred.) If you look in the NetSuite help there is a topic on setting up TBA with Eclipse.
Administrator role with 2FA can be used with Eclipse IDE.
In your NS account as administrator, create a new integration:
Setup > Integration > Manage Integrations > New
Name your integration SuiteCloude IDE or something like that
Check the Token-Based authentication box.
Then from your Administrator dashboard, create a new access token.
Then in Eclipse, go to Manage accounts:
Netsuite menu > Manage Accounts
Select the account with the administrator role, and manage authentication.
Select the Administrator Role, and SAVE TOKEN.
Here you can enter the Token ID and Token Secret created in your NetSuite account.
Then you should be good to go in Eclipse. Make sure you set the Eclipse project to now use the Admin role.

Resources