cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Not a customer? Start a free trial

Click the Start a free trial link to start a 15-day SaaS trial of our product and join our community as a trial user. If you are an existing customer do not start a free trial.

AppDynamics customers and established members should click the sign in button to authenticate.

Bill.Howard
Moderator
‎04-28-2022
since ‎12-21-2018

Discussion Feed

Re: Login Failed for all users - licensed account

by Moderator in Controller (SaaS, On Premises)
‎04-27-2022 10:16 AM
‎04-27-2022 10:16 AM
@Ashmita.Thapar    Thanks for reaching out.  If you are still having issues logging into your controller account, please visit https://help.appdynamics.com/support and file a new support ticket with all the relevant details.  The support system uses your account management credentials, so you should be able to login and submit a ticket.    This is the best way to ensure engineering takes a look and gets this resolved.  We certainly want you to be able to login successfully!     Thanks again, Bill ... View more

Re: Changes to User Creation and Password Policy —...

by Moderator in Knowledge Base
‎03-04-2022 02:43 PM
‎03-04-2022 02:43 PM
Hi @Patrick.McDonald , thanks for the question.  It's a good one.  Generally, service accounts for integrations are not recommended as they will utilize basic authentication, which is inherently less secure.  Our recommendation, instead, is to use API clients for integrations that are system to system and are isolated to the SaaS controller account.   API clients are an OAUTH based mechanism that have been supported since version 4.5 of the controller.  Docs can be found here.    In the event that the integration is unable to support the use of tokens, then, unfortunately, an email based user is the only current solution.  We are currently researching other solutions.  Should you need additional help, please raise a support ticket and we can engage on that forum to see what can be done for your specific case.   ... View more

Re: Tenant User

by Moderator in Controller (SaaS, On Premises)
‎01-23-2022 08:56 PM
‎01-23-2022 08:56 PM
Hi @Randy.Manipon ,   That ends up being a bit of a complex answer.     Right now, tenant user ONLY refers to a user that logs into a controller where the controller setting being used is "local"/"AppDynamics" user.    There are 2 SAML configurations now - one for Accounts website services that is only for Accounts website access (not controller account) and one for Controller accounts, which is only for controller account use.   So, right now, you would have to setup SAML for Accounts to give your users access to Accounts services (training, support, community, etc) using their corporate credentials and SAML using the "Security Provider" settings within the controller itself.  That will allow your users to access the controller/product capabilities using their corporate credentials.   In the not too distant future, that will be changed somewhat, but more on that will be provided when we are ready.  For now, tenant users are authenticated only by AppDynamics, not SAML.   If you want SAML for all surfaces, configure it in the Accounts SAML Federation area and in the controller Security Provider area.   I hope that helps, Bill ... View more

Re: Tenant User

by Moderator in Controller (SaaS, On Premises)
‎01-19-2022 08:54 AM
‎01-19-2022 08:54 AM
Hi @Randy.Manipon , yes, you should be able to.  When you added the second user, did you use the controller as well?  The tenant user role is assigned ONLY when adding a user to a controller account using their email address - which should be the only way you can add the users now.  Tenant User is a "read only" role in the Accounts User Management page.  It's intended to signify that the user has been granted access to a specific controller account which is accomplished by adding them in the controller account itself.  One thing to keep in mind is that only AppDynamics managed users can be assigned tenant user role now - NOT SAML users.  So, if you have a SAML user on the controller, that user does not show in the Accounts User Management experience.  Does this help? ... View more

Re: How do I map Group/users in Accounts Managemen...

by Moderator in Controller (SaaS, On Premises)
‎01-11-2022 10:18 AM
1 Kudo
‎01-11-2022 10:18 AM
1 Kudo
Hi @Randy.Manipon    At this time, there is no grouping support for the Accounts SAML federation feature.  The current functionality is for identity authentication only.  Any user that is set to authenticate through the IDP that you have configured through the SAML federation function will be directed to your IDP for authentication.   This requires one of 2 things: 1) user is registered already in Accounts user management and set to be authenticated by your IDP or 2) user is "just in time" (JIT) provisioned into Accounts user management through the IDP initiated flow.    Once the user record is established in the Accounts user management listing, when they come to the Accounts pages or services of appd.com to login, they should get directed to your Azure IDP to authenticate.     For reference, the documentation is here: https://docs.appdynamics.com/21.12/en/appdynamics-essentials/account-management/account-management-portal/saml-federation   Over time, we do aim to provide improved JIT provisioning as well as attribute mapping support to enable access control from SAML attributes.  Look for some of those improvements later this year.   Does this help?   ... View more

Re: Changes to User Creation and Password Policy —...

by Moderator in Knowledge Base
‎01-11-2021 09:57 AM
‎01-11-2021 09:57 AM
Hi Jennifer,      Thank you for the question.  With these changes, we have begun the necessary work of providing our users a single identity for all their interactions with AppDynamics.   The result will be a better overall experience as well as a more secure system for these user accounts.  Email address will be used as their unique identifier and as such, each distinct user must have their own email address.  For now, the change is only being applied to newly created users when the customer has chosen to use AppDynamics as their identity provider (the "local" user option).    In the near future, however, we will migrate existing local users to this system requiring these existing users to have their own unique email address.   As always, we recommend that customers adopt SAML wherever possible as this ensures that the customer's systems are the identity systems of record for their users, allowing the customer to control the use of their user attributes.    As noted, these changes won't impact a customer's SAML/SSO users.   Bill ... View more

Changes to User Creation and Password Policy — FAQ

by Moderator in Knowledge Base
‎12-22-2020 01:01 PM
2 Kudos
‎12-22-2020 01:01 PM
2 Kudos
What improvements to user email verification, password policy, and account resources were completed in v21.11 and how do they affect me?   In our efforts to better serve our customers, we’ve implemented several enhancements designed to improve security and set a foundation for streamlining user management capabilities for system administrators.   In this article… What changed? When did this change happen? How do these changes affect user creation? Will this impact my current users? What if my new user fails to verify their account? What if I add a user who is already in the Account Management Portal (under User Management)?  What if I create new users through an API or third-party provider? Security Will this impact my SSO policies for new users? What will the new password policy be? Can an administrator create a password for a new user? Can I use a username other than email address? What if I want to add an AppDynamics employee for support?   What changed? As of release v21.11, AppDynamics has completed upgrades to our user creation process and password policy—a process that began in v21.2. To date, the following changes have been rolled out to all customer SaaS accounts:   New user email verification When a new user is created, they must verify their account via email prior to logging into your Controller. This will require administrators to provide an accurate email when creating the new user.  Improved password policy As part of completing their email verification, users will receive a notification to “activate their account”.   During this process, the new user is required to create a password, and it will have to adhere to a mandatory “strong” password policy designed to improve account security.  Access to Controller and account resources When a new user activates their account, they will be able to access the Controller accounts to which they have been assigned as well as the resources of the Account, such as Community and University .   When did this change happen? We began a staged rollout of these changes starting with v21.2. As of v 21.11, all customer SaaS Controllers have these capabilities.  Back to Table of Contents   How do these changes affect user creation? Will this impact my current users? No, current users will not be impacted by this change. The new features only impact users created with the new flow implemented for everyone in v21.11.   NOTE | This is the first phase in a series of enhancements to improve security and overall ease of use for our user management capabilities.   We highly recommend adding accurate email addresses when making any updates to an existing user’s account, as this will be a requirement in the future.    What if my new user fails to verify their account? When a new user is created, they will be designated a “pending” status until they complete the email verification process. The verification email will expire after 7 days of inactivity.    At that time an administrator can opt to: Ask the user to invoke the reset password flow, which will resend the activation email for a pending user. To do so: Direct them to either your Controller login or the Accounts login page : Click the “Reset Password” link The reset password link, below the "Next" button on the Sign-in screen   Delete the pending user if they no longer require access   What if I add a user who is already in the User Management section of the Account Management Portal? If you add a user to your Controller account using the email address of a user already found in the user management section of the Account Management Portal:  The user will automatically be able to use their Accounts username (as email address) and password to access the Controller account.  The user will receive an email notifying them of their access to the Controller account, including a link to the account for access.   The Account Management Portal’s user management section will show the user as a “tenant user” of the Controller account, making it clear that they can access the Controller directly using that identity.   What if the user resets their password? When a user can’t remember the password they set, they can click reset password from the Controller account login page or from the login.appdynamics.com login page.   They will receive an email with a link to reset their password. Once reset, the user will be able to use the new password with their username (as email address) in all related Controller accounts and AppDynamics Accounts experiences.   What if I add the same user’s email address to another Controller account? Whenever a local user is added to a Controller account using their email address, we match that email account with other existing user accounts using that email address and ensure that it’s the same user credentials that are used for the account. What does this mean for the user? The user will be able  to access all Controller accounts to which they have been added with the same AppDynamics identity (username and password).   What if I create new users via an API or third-party provider? Even if a user is created via an API script or a third-party integration, the user will still need to complete the email verification process.   If the new user fails to verify their email within 10 days of receiving the notification, they can obtain another activation email using the reset password flow from the login screen. Back to Table of Contents   Security Will this impact my SSO policies for new users? There is no impact for SSO policies at all. This change only applies to SaaS customers whose users are authenticated by AppDynamics, or so-called “local users”.  SAML or LDAP users and the associated security provider settings are not impacted.    What is the new password policy? Minimum length: 8 characters Contain both upper-case and lower-case letters Contain at least one number (i.e., 0-9) Contain at least one special non-alphanumeric character (e.g., !$%^&*)   Can an administrator create a password for a new user? No, administrators will no longer be able to set the password when creating a new user. The new user will be required to create their password during the email verification process.   Can I use a username other than email address? No.  In order to ensure uniqueness, email is the chosen username format. With email as username, we can ensure that users have a means of receiving operational communications from AppDynamics as well as ensure that the user can access all AppDynamics resources using a single identity.   What if I want to add an AppDynamics employee for support? Easy. Just add the AppDynamics employee using their email address. The employee will be able to log in to your account securely. Should they leave AppDyamics, they will be unable to access your account further. Back to Table of Contents ... View more
Latest Activity
Community Stats
Date Registered ‎12-21-2018 01:18 PM
Date Last Visited ‎04-28-2022 10:17 AM
Total Messages Posted 13
Total Kudos Received 4

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form

By clicking subscribe, I have read and understood the Privacy Policy and Terms of Use.
Platform
Solutions
Learn

Company
Support