7.2.2 Understanding Appmarks Options

You configure appmarks in Administration Console Dashboard under Administration Tasks > Appmarks. On each appmark that you create, there is a menu on the upper right corner that allows you to edit, duplicate, or delete the appmark. Clicking Edit or clicking the appmark allows you to edit the appmark. Clicking the plus sign (+) at the top of the page, allows you to create a new appmark. When you create or duplicate an appmark, the following options are available.

Table 7-1 Appmark Options

Option

Description

Name

The display name for the appmark. If you want different display names for the appmark on the desktop browser page and on mobile devices, you must create a copy of the appmark and change the name.

Description

The description appears as hover text that users see for the appmark on the User Portal page.

Change Image

The image that Access Manager Appliance uses for the appmark for all platforms, unless you override this image with another image when configuring the different platforms. The maximum image size is 200 x 200 pixels and the ideal image size is 100 x 100 pixels. You can use an image from the Image Gallery or upload your own image.

Roles

(Optional) The Access Manager role that the users must have in order to see the appmark. If you do not select a role, all users can see the appmark on the User Portal page. If you add a role, only users with that role can see the appmark. If you add multiple roles, users in any of those roles can see the appmark. For example, if you add Sales and Managers, the users must be in Sales or Managers, not Sales and Managers, to see the appmark.

Type

The Access Manager resource type that the appmark represents. There are many different types of resources:

  • Bookmark: The URL of a website or document.

  • Mobile App: The URL that launches the application on the mobile device. When the user opens the MobileAccess app on the mobile device and taps the appmark, MobileAccess opens the mobile app itself.

  • Service Provider (SAML2 Application): The term Service Provider refers to any SAML 2.0 service providers that you created and configured prior to the Access Manager 4.3 release. The term SAML 2.0 Application refers to a SAML 2.0 service provider that you created and configured using SAML 2.0 connectors either by importing a SAML 2.0 connector (from file or catalog) or by converting a SAML 2.0 service provider.

    The main benefit of a SAML 2.0 Application versus a SAML 2.0 service provider is the ability to limit user's access to the service provider based on roles. The roles configured on a SAML 2.0 Application in Applications control user access to the application. Roles are not available for SAML 2.0 service providers.

    Roles configured on Appmarks associated with SAML 2.0 Applications or SAML 2.0 service providers only affect the visibility of the appmark to the users.

    When you configure the connector for the application, Access Manager Appliance automatically creates an appmark for you. You can create additional appmarks for the connector.

  • Protected Resource: A protected resource on a trusted Access Gateway cluster that you have created prior to creating the appmark.

    The protected resource roles control access to the protected resource, not the appmark roles. The appmark roles only provide visibility of the appmark to the users.

Enable

Select the user platforms where the appmark will be visible. The platforms are Desktop, iOS, and Android.

Desktop

Allows you to override the behaviors of the desktop appmark. For example, you can add a different icon for the desktop appmark so it sizes differently than the iOS appmark. You can use an image from the Image Gallery or upload your own image.The options to override are:

  • Image

  • URL

iOS and Android.

The options are the same whether you select iOS or Android. You can add a unique image or URL for the iOS and Android appmarks so that these appmarks appear differently from the desktop appmarks.

The appmarks also have additional options not available for the User Portal page.

  • Launch with: Specifies how to launch the application on the mobile device. Options include the following:

    • Chrome: When the user opens the MobileAccess app on the mobile device and taps the appmark, the MobileAccess app launches Chrome and directs it to the application. If Chrome is not installed on the mobile device, the user is taken to the App Store or Google Play to install it.

    • Internal viewer: When the user opens the MobileAccess app on the mobile device and taps the appmark, the MobileAccess app opens an embedded HTML viewer and directs it to the application. This view is similar to the Safari and Chrome options, except that the user does not need to leave the MobileAccess window. The application opens within the MobileAccess app window, and the user can tap the app name (as defined by the administrator when configuring MobileAccess) on the navigation bar in the top left corner of the screen to go back to the app home page and easily switch to another protected resource.

    • Safari (iOS only): When the user opens the MobileAccess app on a mobile device and taps the appmark, the MobileAccess app launches Safari and directs it to the application.

    • User Choice (Android only): When the user opens the MobileAccess app on a mobile device and taps the appmark, the MobileAccess app allows the user to choose what browser launches.

  • App Installer URL: (Optional) You can use this option if you selected the Mobile App type. This is the URL to install the application if it is not already installed on the mobile device.