8.1 Creating an Appmark

Each appmark contains a menu on the upper right corner that allows you to edit, duplicate, or delete an appmark.

For a mobile appmark to work, you must configure MobileAccess. See Configuring the MobileAccess App.

To create an appmark, perform the following steps:

  1. In Administration Console Dashboard under Administration Tasks, click Appmarks.

  2. (Conditional) If you have not already configured an Access Manager resource, create a resource, such as a service provider or a protected resource.

  3. In Cluster, select the appropriate Identity Server cluster that hosts the resource.

  4. Click the plus icon (+) and specify the following details:

    Option

    Description

    Name

    The display name of the appmark. If you want different names of an appmark on the desktop browser and mobile devices, duplicate the appmark and change the name.

    Description

    The description appears as a hover text for the appmark on the user portal.

    Change Image

    The image that Access Manager uses for the appmark for all platforms.

    Roles

    (Optional)

    Specify roles for users. Users in any of those roles can see the appmark. For example, if you add Sales and Managers, the user with the role Sales or Managers can see the appmark. If you do not select a role, all users can see the appmark.

    Type

    The Access Manager resource type that the appmark represents.

    • Bookmark: The URL of a website or document.

    • Mobile App: The URL that launches the application on mobile devices. When a user opens the MobileAccess app on a mobile device and taps the appmark, MobileAccess opens the mobile app itself.

    • Service Provider (SAML2 Application): Service Provider refers to any SAML 2.0 service providers that is created and configured in Access Manager version earlier than 4.3. SAML 2.0 Application refers to a SAML 2.0 service provider that is configured using SAML 2.0 connectors by importing a SAML 2.0 connector (from file or catalog) or by converting a SAML 2.0 service provider.

      Using a SAML 2.0 Application, you can limit a user's access to the service provider based on roles. The roles configured on a SAML 2.0 Application in Applications control user access to the application. Roles are not available for SAML 2.0 service providers.

      Roles configured on Appmarks associated with SAML 2.0 Applications or SAML 2.0 service providers only affect the visibility of the appmark to the users.

      When you configure a connector for an application, Access Manager automatically creates an appmark for it. You can create additional appmarks for the connector.

    • Protected Resource: A protected resource on a trusted Access Gateway cluster that you have created prior to creating the appmark.

      The protected resource roles control access to the protected resource, not the appmark roles. The appmark roles makes the appmark visible to users.

    Enable

    Select the user platforms where the appmark will be visible. The platforms are Desktop, iOS, and Android.

    Desktop

    Allows you to override behaviors of the desktop appmark. For example, you can add a different icon for the desktop appmark. You can use an image from the Image Gallery or upload your own image. The options to override are Image and URL.

    iOS and Android

    The options are same for iOS or Android. You can add a unique image or URL for the iOS and Android appmarks so that these appmarks appear differently. The appmarks also have additional options not available for the user portal page.

    Launch with: Specifies how to launch the application on the mobile device. Options include the following:

    • Chrome: When a user opens the MobileAccess app on a mobile device and taps the appmark, MobileAccess launches Chrome and directs it to the application. If Chrome is not installed on the mobile device, the user is taken to the App Store or Google Play to install it.

    • Internal viewer: When a user opens MobileAccess on a mobile device and taps the appmark, MobileAccess opens an embedded HTML viewer and directs it to the application. This view is similar to the Safari and Chrome options except that the user does not need to leave the MobileAccess window. The application opens within MobileAccess, and the user can tap the app name on the navigation bar in the top left corner of the screen to go back to the app home page and easily switch to another protected resource.

    • Safari (iOS only): When a user opens MobileAccess on a mobile device and taps the appmark, MobileAccess launches Safari and directs it to the application.

    • User Choice (Android only): When a user opens MobileAccess app on a mobile device and taps the appmark, MobileAccess allows the user to choose a browser.

    App Installer URL: (Optional) Use this option if you selected Mobile App. The URL to install the application if it is not already installed on the mobile device.

  5. Click Save.