Viewing your application integrations

Overview

In this article, we will walkthrough the Applications page in BalkanID. The Applications page gives a list of all applications that have been integrated within the BalkanID tenant.

To navigate to the Applications page, select the Applications page from Entities group.

You can use the search box and filters to explore the applications integrated with BalkanID. The following filter fields are available for this page:

• Application - This field filters based on the specific Application Integration that you would like to explore. For example, to view Azure (Test Environment) data, you can add it as a filter in this field.

• Application Type - This field filters based on the type of application and returns all integrations for that type of application. For example, choosing AWS as the application type will return all application integrations into your tenant which have AWS.

• Primary Owner - This field filters based on the Primary Owner of the application. For example, to view all application integrations owned by Abbot Reese, add it as a filter in this field.

Using multiple filter fields together will help you navigate through the data swiftly and will make your time spent on discovering entities a lot more productive. Refer to working with filters to learn more about filters.

Viewing Individual Application Pages

When you click on an application from the list, a dedicated page opens, providing a more detailed view of that specific integration. This page is designed to give you comprehensive insights into the data extracted from that application. You'll find the following tabs within an individual application page:

The "Overview" Tab

The Overview tab serves as a dashboard, presenting key summarized data extracted from this specific application integration. Here, you'll find various chart components that provide a high-level visual representation of your application's access posture.

Each of these chart components is clickable, which will take you to a more detailed view of their respective data, allowing you to drill down into specific metrics and trends.

The "Access" Tab

The Access tab offers a clear and granular representation of who has access to what within this particular application integration. This tab allows you to:

• Examine Individual Entities: See users, groups, or service accounts.

• Discover Reach: Understand the specific resources these entities can access.

• View Detailed Permissions: See the precise level of control each entity holds over various assets and functionalities within the application.

This tab provides a deep, granular view, enabling you to thoroughly understand the exact level of control each entity possesses.

Exploring Entity Details

Every data point listed on the "Access" tab is clickable. Clicking on an entity will open a sidebar providing detailed metadata about that specific entity. Each entity, depending on its type and the application it comes from, has its own unique set of metadata that gives you more context about it within the application.

Understanding Permissions

The "Permissions" column within this tab is also clickable. Clicking on the data in this column will reveal metadata specifically about the relationship between two entities shown in the tab.

To understand what each of these fields (like Connection Provider, Project, and Privileges) indicates, please refer to our dedicated guide on Understanding Entities and Entity Relations.

The "Connections" Tab

The Connections tab provides a detailed list of all the connections (e.g., security groups, roles, permission sets) that exist within this specific application. These connections are often the conduits through which identities gain access.

Clicking on any connection in this list will take you to a more detailed view, providing specific information regarding the application identities and entitlements that the chosen connection provides access to.

The "Identities" Tab

The Identities tab displays a comprehensive list of all individual user and service identities that have been extracted from this particular application.

You can click on any identity in this list to show a more detailed view of its associated accesses. Additionally, you can utilize the search bar or filters menu to quickly find specific identities within this application's data.

The "Resources" Tab

The Resources tab provides a comprehensive inventory of all the resources discovered within this specific application integration. These are the assets (e.g. databases, buckets, APIs, instances) that identities and connections can interact with.

Clicking on a resource in this list will navigate you to a more detailed view outlining the specific access an application's connections or identities have to that resource, including the various identities and entities associated with it. For instance, arn:aws:apigateway:*::/account refers to all API Gateway accounts within AWS, indicating that a connection provides access to manage or interact with these API Gateway resources.