Setup User Entitlements in Appdome Team for Mobile App Security Projects

Last updated September 12, 2024 by Appdome

Learn how to set up and manage user entitlements to collaborate efficiently on mobile integration projects within an Appdome Team.

The Importance of Structured Team Roles in Mobile App Development

Development organizations invest heavily in creating mobile integration development cycles that meet their organizational needs. Project managers and DevOps team lead assign specific responsibilities to specific experts during the development cycle. This structured approach ensures that multiple people can work on the same app as a team efficiently. For instance, mobile development, security, and IT teams often collaborate to create fully integrated mobile apps for users.

Team-member entitlements enable you to limit each teammate to a specific task within the Appdome workflow. Entitlements, which are specific “right of use” rules established within teams, can be assigned to individual users for each step of the process. These steps include uploading apps, fusing one or more services, adding context, signing, or deploying the app. By confining users to particular tasks, you can prevent mistakes, such as a user responsible for signing the app accidentally fusing it, thereby streamlining mobile integrations.

This meticulous task assignment ensures that the right people are doing the right job, which accelerates the development cycle and is a fundamental part of any mobile integration process. Moreover, reliance on external integration processes could significantly impact well-oiled internal processes.

Prerequisites for using Team Entitlements

In order to use Appdome’s Teams and Entitlements, you’ll need:

Team Entitlements

 Appdome for Teams currently offers the following entitlements:

Workspace

  • UPLOAD: Uploading an app
  • BUILD: Enabling workflow actions by clicking on the Build button on UI or Make a Build API request
  • SECURITY: Using the Security tab
  • ANTI_FRAUD: Using the Anti-Fraud tab
  • GEO_COMPLIANCE: Using the Geo- Compliance tab
  • ANTI_BOT: Using the Anti-Bot tab
  • MOBILE_EDR: Using the EDR tab
  • ACCESS: Using the Access tab
  • AUTHENTICATION: Using the Authentication tab
  • MANAGEMENT: Using the Management tab
  • F5: [EOL]
  • CONTEXT: Adding Context to an app
  • SIGN: Signing an app
  • DEPLOY: Deploying an app

Fusion Set 

  • EDIT_FUSION_SETS: Editing a Fusion Set
  • CERTIFICATES_UPDATE: Update your Root CA Public Certificate, a certificate chain, or a Server Pinned certificate, available as individual files or in a zip format (.cer, .crt, .pem, .der, .zip). For Android apps, include your Keystore file. For iOS apps, you should also include your P12 file, provisioning profile, and entitlements file.
  • ACCEPT_FUSION_SETS: Approve Fusion Sets received from another team by using the option to release security templates between teams.
  • FREEZE_UNFREEZE_APPDOME_VERSION: Using the Fusion Set Summary screen to freeze and unfreeze the Appdome version
  • FUSION_SET_VERSIONING: entitlement to create multiple fusion sets.
  • ACCORDION_ANNOTATION: Add an edit annotation to each command section (accordion), such as OS Integrity.
  • RELEASE_FUSION_SETS_INTO – Entitlement to release a Fusion Set to another team

Monitoring 

  • View ThreatScope – Access to view ThreatScope data for the team to which the user belongs.
  • View Certified Secure – Access to download a certificate from the team to which the user belongs.

Admin 

  • DUPLICATE_TEAM – A “super-user” entitlement to duplicate an existing team with all its configurations (e.g., members and Fusion sets)
  • DELETE_APP/SDK
  • COPY_FUSED_BUILDS_INTO: Copying builds from one team to another
  • DOWNLOAD_FILES_FROM_FUSION_SETS: Entitlement to download Fusion Set files.

Team Management Entitlements Flow

Easy Steps to Configure User Entitlements in Mobile App Security Projects

Create a Team

To learn more about teams, please refer to the knowledge base article: How to Create Teams in Mobile DevSecOps Build System to Accelerate Delivery.

Edit Entitlements

  1. In the Personal Area drop-down in the upper right side, select “Team Management.”
    Team Management
  2. Click on the … next to the team’s name. Team Management
  3. Click on Team Members and then Edit Member.
    Edit Member
  4. You will see a list of the team members and their Entitlements.
  5. To remove an entitlement, uncheck the associated box with that entitlement.
  6. To add Entitlements, check the box.
    As a leader:

    • When opening a team, you can perform the following activities:
    • You can edit entitlements for all team members.
    • You can add members.
    • You can remove members.
    • You can change the team’s name and description.
    • You can enforce naming policy on the team fusion sets
    • You can enforce your organization’s domain verification on all team members.
    • You can edit the role of each team member.
    • You can request to delete a team.
    • You can leave the team.
      As a member:

      • You can view your entitlements.
      • You can view the roles of each team member.
      • You can view the team’s details.
      • You can leave the team.
  7. Click Save to save your changes.

New Entitlement List

 

Congratulations! Each member of your Appdome Team now has the entitlements necessary to complete their work on Appdome.

Related Articles:

How Do I Learn More?

If you have any questions, please send them our way at support.appdome.com or via the chat window on the Appdome platform.

Thank you!

Thanks for visiting Appdome! Our mission is to secure every app on the planet by making mobile app security easy. We hope we’re living up to the mission with your project.

 

Appdome

Want a Demo?

Mobile AppSec Workspaces

GilWe're here to help
We'll get back to you in 24 hours to schedule your demo.