Business Owners for Application Integrations
Last updated
Was this helpful?
Last updated
Was this helpful?
In the context of application integrations, Business Owners are key individuals responsible for managing and overseeing access to connections/resources within an integrated application. These owners play a vital role in ensuring that access reviews, access requests, and other important tasks are properly handled with respect to a connection/resource their assigned.
This documentation will guide you through the concept of business owners, how to assign them, and the responsibilities associated with each role.
Business Owners are designated individuals or groups with the authority to manage access to specific resources and connections within an integrated application (e.g., Okta, GitHub, etc.). They are responsible for reviewing access, approving or denying requests, and ensuring that permissions remain up-to-date and compliant with the organization’s security policies.
In other words, Business Owners oversee access to the resources and connections they manage.
There are two types of business owners you can assign:
Primary Owner: The main individual responsible for overseeing the application resources/connections and taking action on access reviews and requests.
Secondary Owner: An additional individual(s) who can take over responsibilities if the primary owner is unavailable.
To configure business owners for an application integration, follow these steps:
Open the Application Integration Setup Modal Navigate to the Integrations page under the Configure section. You will see a list of your application integrations.
Select an application to setup business owners Choose which application integration you'd like to setup business owners. Click on the "Setup application business owners" icon (). This will open a dialog with a table showcasing a list of connections and resources within your integration.
Assign Business Owners
You have two choices ahead of you:
Mapping via UI Select the connections/resources you would like to map. Clicking on the "Map Business Owner(s)" will open a sidebar. Click on "Save changes" after selecting your choice of business owners or click on "Map to App Owner(s)" if you want to map the selected connections/resources to the application integration owner.
Bulk Business Owner Mapping: Business Owners can be mapped by uploading the BO mapping CSV. Simply click the “Map Business Owner(s)” button without selecting any connections or resources. This will open a side panel where you can download the mapping CSV. After filling in the CSV with the primary and secondary owner emails for a set of entities (connections/resources), you can upload it back using the same panel. The secondary owner emails should be separated by a semicolon (;). Once the mapping is complete, upload the CSV in the designated section of the side panel and click the “Upload New Mapping” button. The mapping will be processed and updated in the UI within a few minutes.
Many enterprises have multiple applications federated with their primary Identity Provider (IDP) application (e.g., Okta, OneLogin). These federated applications are treated as separate resources during entitlement discovery. Since each resource is an application in itself, different users typically manage and oversee access to each application.
By assigning primary and secondary business owners to these application integrations, each set of owners can take responsibility for their specific application’s access reviews and requests. The primary owner is the main point of contact for managing and approving access, while the secondary owner serves as a backup.
This approach ensures that access reviews and requests are handled by the right individuals with the appropriate expertise for each application, improving efficiency. It also helps in maintaining segregation of duties, as different owners are responsible for different applications, reducing the risk of conflicts or errors. Ultimately, having them streamlines access management and ensures the right approvals are made in a timely and compliant manner.
Ensure Clear Responsibility: Clearly assign the primary business owner to avoid confusion and ensure accountability. The primary owner should be someone who is actively involved in managing the connections/resources they are assigned to.
Use Secondary Owners for Continuity: If the primary owner is frequently unavailable, consider assigning a secondary owner to ensure continuity in access management. Secondary owners can help prevent delays and ensure that the right approvals are made.
Review Ownership Regularly: As your team or organization evolves, periodically review and update the assigned owners to ensure they remain appropriate for the tasks at hand.
