15 Replies Latest reply: Sep 5, 2012 6:41 AM by Marie Elise MORTINIERA RSS

    Disabling users mobile access

    Laura Becraft

      Does anyone know if a user loses their phone, how I can disable their mobile access from the admin console?

        • Re: Disabling users mobile access

          Hi Laura,

          We don't offer an admin console-based method for managing the access tokens.  Users can of course log in to Jive from the web and delete the token via their Preferences page.  Providing an admin interface is something we're evaluating but don't have an ETA at the moment.

           

          - Brian

            • Re: Disabling users mobile access
              Laura Becraft

              We are in the process of doing our Jive Engagement and are in our Strategy Session workshop and I thought I understood  our Strategy session leader to say that the Admin could delete the mobile access via the console.  We just have some test users in our UAT environment right now and are getting ready to delete them, so I accessed one that I knew had accessed the environment via mobile and saw that there was a property of "jive.user.pref.mobile.visited" and deleted it.  So, that won't disable just her access via mobile?

                • Re: Disabling users mobile access

                  No, that just manages the user's experience when they visit the Preferences page for the first time.

                   

                  If you are going to delete the users that will naturally delete their ability to access Jive Mobile so this extra effort should not be necessary.

                    • Re: Disabling users mobile access
                      Laura Becraft

                      Brian,

                       

                      Sorry, I wasn't very clear.  The Use Case was more around "what to do when a user loses their mobile device" and the steps to take to make sure the device can't still access Jive.  I think you answered it the first time, so sorry for the confusion.  In the future, we would like to be able to disable just the mobile access without having to delete the entire user account.  So if it does occur, at this point I think we would just need to instruct the user to sign into Jive through some other method and go to their preferences and delete the token, like you suggested.

                       

                      Thanks,

                       

                      Laura

                        • Re: Disabling users mobile access
                          Kevin Joyce

                          Is “delete” user account the only option?

                          Will not “disable” user account work?

                           

                          Kevin

                            • Re: Disabling users mobile access
                              Laura Becraft

                              Disable would work but then the user would not be able to access their account at all.  Harsh penalty for losing a mobile device.  I can see doing that maybe temporarily until they could get to something else to update their own account though - so that's an option.

                                • Re: Disabling users mobile access
                                  Kevin Joyce

                                  I would think the “Delete” option would be worse given that they would lose all their access to content they’ve generated.

                                   

                                  Brian – With the OAuth feature introduced in mobile, which requires a user to register their device, there is not the capability for that user (and System Admins) to enter the full-UI & disable that devices access?

                                    • Re: Disabling users mobile access

                                      Users absolutely can revoke a device's access via their Preferences from the full web UI. We just don't have an Admin view to all registered devices for the admin to do the revocation on the user's behalf.

                                       

                                      - Brian

                                        • Re: Disabling users mobile access
                                          Kevin Joyce

                                          Brian – Do the Admins have visibility to the user’s tool within the users profile page?  I just find this inability for the Admin to revoke this access not very comforting.  It’ll certainly make our Security team raise both eye brows.  So what’s the roadmap for granting the admin to revoke a users mobile access.

                                           

                                          P.S. If some of these details are in the thread already, I apologize as I am responding via email.

                                            • Re: Disabling users mobile access
                                              Do the Admins have visibility to the user’s tool within the users profile page?

                                               

                                              Providing an admin interface is something we're evaluating but don't have an ETA at the moment.  The user must log into the web interface directly and visit Preferences > Mobile to remove the token.  Here's an example of the user's Preferences screen:

                                              Prefs.png

                                              We also have the option to implement a passcode that the user must enter to unlock the app.  If enabled for your community the risk of the community being accessed from a device which has been lost prior to the user being able to log in from the web UI to revoke the token is diminished even further.

                                              pass2.png

                                                • Re: Disabling users mobile access
                                                  Kevin Joyce

                                                  Brian -

                                                   

                                                  I am following up on this item b/c we are in the process of upgrading to the latest 5.x version.

                                                  We must make a decision on weather to activate OAuth (prefered) or keep the current username/pwd (not prefered).

                                                   

                                                  Furthermore, you mentioned the option to require a passcode unlock functionality for the mobile device.

                                                  Is this available for the native app & the mobile browser app?

                                                  Is there more (documentation, etc) you can tell me about this specific functionality?

                                                  It could be an alternative.

                                                    • Re: Disabling users mobile access

                                                      Kevin,

                                                      Yes, the passcode feature is an optional supplement to the oAuth approach.  We didn't include a lot of detail in our documentation but it is fairly configurable (length of the passcode and the timeout duration namely).  LMK if you'd like to try it in a UAT environment with the defaults of 4 characters & 5 minute timeout.

                                                        • Re: Disabling users mobile access
                                                          Kevin Joyce

                                                          Brian -

                                                           

                                                          Can you describe how the pass code feature works? At this point, i am still not clear how the passcode is used in combination with the Oauth feature.

                                                           

                                                          Kevin Joyce

                                                            • Re: Disabling users mobile access

                                                              Sure, no problem:

                                                              1.  The user registers their decide via their Preferences page. This process is unchanged.

                                                              2.  After successfully entering the registration code on the device, they will be prompted to create a passcode.   This is akin to the setup one would do if s/he had chosen to apply a passcode to the device itself. The user must enter it twice to ensure accuracy and meet the minimum length requirement (4 characters by default).

                                                              3.  From then forward, every time the app sits idle for the specified period (5 minutes is the default) the passcode entry screen will be shown. The user must enter it in order to gain access into the app.

                                                               

                                                              - Brian

                                                                • Re: Disabling users mobile access
                                                                  Marie Elise MORTINIERA

                                                                  Dear All

                                                                   

                                                                  We are now in phase of making some guidelines and processes on Mobile security access.

                                                                   

                                                                  We have tw questions:

                                                                  - How to extract a report on all users who have registered their mobiles - Where can we find this information - Does the admin have access to this information via the Admin Console

                                                                  - How to disable only the user mobile access of a user without disabling or deleting his account - How to make this action available by the Administrator if the user doesn't respect our terms and conditions about How to use and register their devices in our Jive platform.
                                                                  Thank you for your reply.