SAM General FAQs
What is SAM?
Exostar’s Secure Access Manager (SAM) Platform is a consolidated portal used for account registration, authentication, and management. The authentication gateway supports secure authentication, and provides access to applications and services hosted by Exostar and those managed by external entities.
The objective of the SAM Platform is to consolidate registration processes for connecting partners and applications in a secure environment, while providing flexible management and invitation capabilities to application owners.
The objective of the SAM Platform is to consolidate registration processes for connecting partners and applications in a secure environment, while providing flexible management and invitation capabilities to application owners.
What are the benefits of SAM?
The SAM platform offers a number of benefits to organizations and users:
– Our platform extends the basic concept of web-based Single-Sign-On (SSO) to support the single sign-on location to multiple applications.
– It supports authentication credentials of varying assurance levels.
– It facilitates an organizational approach to registration, account management, and application access.
– It provides organizations with the tools to add new users and grant access to applications.
– Our platform extends the basic concept of web-based Single-Sign-On (SSO) to support the single sign-on location to multiple applications.
– It supports authentication credentials of varying assurance levels.
– It facilitates an organizational approach to registration, account management, and application access.
– It provides organizations with the tools to add new users and grant access to applications.
What types of organizations and users exist in SAM?
The Exostar SAM Platform hosts the following three types of organizations:
1. Organization-Managed Organizations
2. Exostar-Managed Organizations
3. Sponsor-Managed Organizations
Users in SAM can be regular or shared. Users from Sponsor-Managed Organizations can transform into “Shared Users” if they begin to access applications that do not belong to their sponsor.
1. Organization-Managed Organizations
2. Exostar-Managed Organizations
3. Sponsor-Managed Organizations
Users in SAM can be regular or shared. Users from Sponsor-Managed Organizations can transform into “Shared Users” if they begin to access applications that do not belong to their sponsor.
What is an Organization-Managed Organization?
An Organization-Managed Organization in SAM refers to an organization that is responsible for managing itself. The Org Admin accepts the Terms and Conditions on behalf of the organization members. The organization manages and administers their own users. Org-managed-organization is the only model that will permit establishing SSO / Federated access for their users. To sum up, an Organization-Managed Organization will have these features:
– It is self-managed
– Organization is responsible for all users in the organization
– Org Admin accepts T & Cs
– Typically larger organizations with established IT expertise
– Pre-requisite for establishing SSO / Federated connection
– It is self-managed
– Organization is responsible for all users in the organization
– Org Admin accepts T & Cs
– Typically larger organizations with established IT expertise
– Pre-requisite for establishing SSO / Federated connection
What is a Sponsor-Managed Organization?
A Sponsor-Managed Organization is an organization registered in Exostar’s SAM Platform and managed by the Sponsor. Members of this organization are the responsibility of the Sponsor.
The Organization Administrator will accept the Terms and Conditions on behalf of the users within this organization. As long as users access sponsor applications exclusively, the Sponsor’s Admin will have full control over these users. However, once a user subscribes to a non-sponsor app, the sponsor’s admin will stop having full admin control over the user, but will continue administering their organization-specific applications. Shared Users will need to accept Terms and Conditions only once, after subscribing to their first non-sponsor application.
To sum up, a Sponsor-Managed Organization will have these features:
– This organization is registered & managed by the Sponsor
– The Sponsor is responsible for all non-sponsor users in the organization
– Sponsor Org Admin/MPA accepts T & Cs for applications that belong to the Sponsor-Managed Organization
– Users become shared once subscribed to a non-sponsor application
The Organization Administrator will accept the Terms and Conditions on behalf of the users within this organization. As long as users access sponsor applications exclusively, the Sponsor’s Admin will have full control over these users. However, once a user subscribes to a non-sponsor app, the sponsor’s admin will stop having full admin control over the user, but will continue administering their organization-specific applications. Shared Users will need to accept Terms and Conditions only once, after subscribing to their first non-sponsor application.
To sum up, a Sponsor-Managed Organization will have these features:
– This organization is registered & managed by the Sponsor
– The Sponsor is responsible for all non-sponsor users in the organization
– Sponsor Org Admin/MPA accepts T & Cs for applications that belong to the Sponsor-Managed Organization
– Users become shared once subscribed to a non-sponsor application
What is an Exostar-Managed Organization?
An Exostar-Managed Organization in SAM is an organization that is managed by Exostar. Users within Exostar-Managed organizations accept user-level Terms and Conditions, but they only need to be accepted once. Adding additional applications will not require users to accept additional Terms and Conditions again. This type of organization is intended for independent users of the system, who may not belong to a particular organization, and who may need access to multiple sponsor applications. For example, clinical investigators would belong to this type of organization.
To sum up, an Exostar-Managed Organization will have all of the below features:
– It will be registered and managed by Exostar
– Users will accept T & Cs only once, after subscribing to their first application
– Typically, it includes independent users who don’t belong to a particular organization
– These users need access to multiple sponsor applications
– Users need to be added to an organization by Exostar, the Sponsor Inviter API, or Adoption Module Administrator
To sum up, an Exostar-Managed Organization will have all of the below features:
– It will be registered and managed by Exostar
– Users will accept T & Cs only once, after subscribing to their first application
– Typically, it includes independent users who don’t belong to a particular organization
– These users need access to multiple sponsor applications
– Users need to be added to an organization by Exostar, the Sponsor Inviter API, or Adoption Module Administrator
How do users become “Shared”?
Users who are under a Sponsor-Managed Organization (SMO) have the ability to become Shared Users. Shared Users can access applications outside of their sponsored organization. Once users become shared, they will need to accept Terms and Conditions for the first application belonging to a different sponsor. If any additional non-sponsored applications are added, Terms and Conditions will not be required again.
Once a user subscribes to a non-sponsor application, Organization Administrators and MPAs from the SMO will have only limited control over this user. For instance, they can no longer execute the following functions:
– Make profile updates for Shared Users
– Suspend/Enable Shared Users’ SAM accounts
– Deactivate Shared Users’ SAM accounts
– Suspend/Enable Organizations with any Shared Users (Applicable to MPAs only)
– Delete Organizations with any Shared Users (applicable to MPAs only)
Once a user subscribes to a non-sponsor application, Organization Administrators and MPAs from the SMO will have only limited control over this user. For instance, they can no longer execute the following functions:
– Make profile updates for Shared Users
– Suspend/Enable Shared Users’ SAM accounts
– Deactivate Shared Users’ SAM accounts
– Suspend/Enable Organizations with any Shared Users (Applicable to MPAs only)
– Delete Organizations with any Shared Users (applicable to MPAs only)
Why is my SAM account disabled?
Inactivity on your account may result in the account being suspended or deleted. The following are some reasons why your account may get deleted or suspended:
Account activation not completed for more than 180 days: If you were invited to SAM and haven’t completed first time login (account activation) for your account within 180 days of account creation, your account will be deleted. If your account is deleted, you will have to re-register for a SAM account.
Application access suspension: Each application can set the parameters for the number of days of inactivity that will lead to access suspension. If your application access is due for suspension in 30 days or less, each time you login to your Exostar SAM Platform account, you will be presented with a flash screen to remind you to access the application and the number of days to suspension. To ensure that you do not lose access to the applications you need, it is a good practice to login to your Exostar SAM Platform account regularly and access available applications.
Application access deletion: If your application access has been suspended for ‘x’ number of days as specified by the application owner, your access to the application will be deleted. You will be notified regarding this deletion 30 days in advance.
Active account deletion: If the last active application subscription is suspended, your SAM account will be suspended 30 days after the application suspension. You will be notified regarding this suspension 30 days in advance. Contact Exostar Customer Support for information on how to re-establish application access.
Account activation not completed for more than 180 days: If you were invited to SAM and haven’t completed first time login (account activation) for your account within 180 days of account creation, your account will be deleted. If your account is deleted, you will have to re-register for a SAM account.
Application access suspension: Each application can set the parameters for the number of days of inactivity that will lead to access suspension. If your application access is due for suspension in 30 days or less, each time you login to your Exostar SAM Platform account, you will be presented with a flash screen to remind you to access the application and the number of days to suspension. To ensure that you do not lose access to the applications you need, it is a good practice to login to your Exostar SAM Platform account regularly and access available applications.
Application access deletion: If your application access has been suspended for ‘x’ number of days as specified by the application owner, your access to the application will be deleted. You will be notified regarding this deletion 30 days in advance.
Active account deletion: If the last active application subscription is suspended, your SAM account will be suspended 30 days after the application suspension. You will be notified regarding this suspension 30 days in advance. Contact Exostar Customer Support for information on how to re-establish application access.
SAM Account FAQs
How do I edit my profile in SAM?
1. Log into your SAM account at https://secureaccess.exostar.com/.
2. Navigate to the My Account tab.
3. Review the profile information and make desired changes. Click Continue.
4. You will see the review page. Review and verify the changes have been entered correctly. Click Submit.
A confirmation page displays, and you will receive an email confirming the changes.
2. Navigate to the My Account tab.
3. Review the profile information and make desired changes. Click Continue.
4. You will see the review page. Review and verify the changes have been entered correctly. Click Submit.
A confirmation page displays, and you will receive an email confirming the changes.
How do I update my email for my SAM account?
1. Log into your SAM account at https://secureaccess.exostar.com/.
2. Navigate to the My Account tab, and click the Change Email link on the left.
3. Enter your new email address.
4. Access your email to obtain the activation code you receive via email.
5. Return to your SAM account, and enter the activation code. Click Activate.
2. Navigate to the My Account tab, and click the Change Email link on the left.
3. Enter your new email address.
4. Access your email to obtain the activation code you receive via email.
5. Return to your SAM account, and enter the activation code. Click Activate.
How do I change my SAM account password?
1. Log into your SAM account at https://secureaccess.exostar.com/.
2. Navigate to the My Account tab, and click the Change Password link on the left.
3. The Change Password page displays. Enter your current password. Then enter the new password, and re-enter for confirmation.
4. Click Submit.
2. Navigate to the My Account tab, and click the Change Password link on the left.
3. The Change Password page displays. Enter your current password. Then enter the new password, and re-enter for confirmation.
4. Click Submit.
How do I change security questions for my SAM account?
1. Log into your SAM account at https://secureaccess.exostar.com/.
2. Navigate to the My Account tab, and click the Change Security Questions link.
3. Locate and select the question and answer combination to change.
4. Make changes, and click Submit. The on-screen message displays, confirming changes have been processed. You will receive a confirmation email as well.
2. Navigate to the My Account tab, and click the Change Security Questions link.
3. Locate and select the question and answer combination to change.
4. Make changes, and click Submit. The on-screen message displays, confirming changes have been processed. You will receive a confirmation email as well.
My password expired. How do I reset it?
1. Navigate to your SAM login portal at https://secureaccess.exostar.com/.
2. Enter your email address and click Next.
3. Click the Forgot Password link.
At this point you can select to reset your password using:
– Security Questions
– Phone OTP
– Email OTP
– Exostar Mobile ID
2. Enter your email address and click Next.
3. Click the Forgot Password link.
At this point you can select to reset your password using:
– Security Questions
– Phone OTP
– Email OTP
– Exostar Mobile ID
How to reset your password using security questions:
1. Select Answer security questions and click Next.
2. From the pull-down menu, select and answer two of your security questions. Click Next.
3. Enter your new password, confirm your password, and click Next.
Upon successful password change, the Exostar SAM Platform Home tab displays.
2. From the pull-down menu, select and answer two of your security questions. Click Next.
3. Enter your new password, confirm your password, and click Next.
Upon successful password change, the Exostar SAM Platform Home tab displays.
How to reset your password using Phone OTP:
1. Select Enter verification code from phone, and click Next.
2. Select whether you want to receive the OTP verification code via a text or voicemail, and click Send.
3. After receiving the message with your OTP, enter it, and click Next.
4. Enter your new password, confirm it, and click Next.
Upon successful password change, the Exostar SAM Platform Home tab displays.
2. Select whether you want to receive the OTP verification code via a text or voicemail, and click Send.
3. After receiving the message with your OTP, enter it, and click Next.
4. Enter your new password, confirm it, and click Next.
Upon successful password change, the Exostar SAM Platform Home tab displays.
How to reset your password using Email OTP:
1. Select Enter verification code from email, and click Next.
2. Check the email registered to your SAM account. The Email OTP you receive is active for the next five minutes. Enter the OTP, and click Next.
3. Enter your new password, confirm it, and click Next.
Upon successful password change, the Exostar SAM Platform Home tab displays.
2. Check the email registered to your SAM account. The Email OTP you receive is active for the next five minutes. Enter the OTP, and click Next.
3. Enter your new password, confirm it, and click Next.
Upon successful password change, the Exostar SAM Platform Home tab displays.
What happens if my first and last name doesn’t contain characters from a-z, A-Z, 0-9,-,_?
– Exostar is accepting a range Unicode characters in SAM profile fields
– If there is a character within the limited range of characters we don’t accept, the system will display an error message and will display the field the character is in and the character that is not accepted
– The SAM user ID will be generated in a SAM + 6 randomly generated ASCII characters and four randomly generated numbers format when the users first and last name doesn’t contain any characters from the following range: a-z, A-Z, 0-9, -, _
If my first and last name is entered in Hangul, my user ID will look like SAMabcdef_1234
– If there is a character within the limited range of characters we don’t accept, the system will display an error message and will display the field the character is in and the character that is not accepted
– The SAM user ID will be generated in a SAM + 6 randomly generated ASCII characters and four randomly generated numbers format when the users first and last name doesn’t contain any characters from the following range: a-z, A-Z, 0-9, -, _
If my first and last name is entered in Hangul, my user ID will look like SAMabcdef_1234
Password Requirements |
---|
– Characters must be Unicode characters belonging to the POSIX – Must be at least a minimum of 8 and maximum of 64 characters long – Must contain at least 1 alpha character and 1 numeric character and 1 special character – Must contain at least 4 distinct characters – Must have no leading or trailing white spaces, embedded space (x20) are allowed and count towards the non-alpha requirement |