With Apps, you can simplify user and access management for all your seat-based software-as-a-service (SaaS) and paid social (also known as business centers) apps.
In these apps, users belong to collaboration spaces (workspaces, teams, or dashboards) with different roles and permissions, and admins manage user access by leveraging individual seats or licenses instead of shared sessions. Some examples of SaaS and paid social apps are Meta Business Manager, TikTok for Business, Apple, Asana, Atlassian, Calendly, and GitHub.
Cerby Apps are connected to such collaboration spaces via integrations based on application programming interfaces (APIs) and robotic process automation (RPA) to help you and your company import and sync the following user data:
Members or users
Native partners
Roles and permissions
Assets, such as ad accounts, pages, and pixels
After syncing the information, you can centrally and securely manage user access to all your apps and assets from Cerby; therefore, you only have to interact with one user interface. Additionally, you gain visibility on who accesses your application and their role level, including your partners.
Users with a Cerby account are automatically matched to their corresponding identity in your corporate directory, which may be managed by an identity provider (IdP) such as Okta or Entra ID (formerly known as Azure AD).
External collaborators without a Cerby account are displayed as unmatched users. You can invite them to your workspace as guest users or local partners, with secure credentials provided and managed by Cerby. Then, they can join your app through Cerby. With native partners, you can also gain visibility on the users who access your assets to run ad campaigns on your partner's side.
When users accept your invite and connect their user account to Cerby, you can secure their access, update their role, and comply with security best practices such as two-factor authentication (2FA).
Figure 1 shows the Apps view in the Cerby web app dashboard, the interface that enables you to manage all your connected seat-based and paid social apps
Figure 1. Apps view in the Cerby web app dashboard
For a complete list of app integrations, read the article Which apps and automation workflows are supported by Cerby.
Learn how Apps work in Cerby
Cerby’s App integrations are connected to the collaboration space of your SaaS and paid social apps through an automation account with a native admin role. Cerby uses it as a service account to perform the following user and access management tasks for you server-side via API or RPA:
Identify and import all users, including partners, and their roles to Cerby.
Change the roles of your users from Cerby following the least privileged access principle.
Invite new users to join your app through Cerby.
Invite or remove users from your app after provisioning and deprovisioning events in your identity provider (IdP) via Teams or account deactivation.
Remove users of your app from Cerby.
Implement and automate security policies on user accounts:
Turn on and off two-factor authentication (2FA)
Change password
Figure 2 shows a high-level architecture of an App integration in Cerby connected to a seat-based or paid social app.
Figure 2. High-level architecture of a Cerby App integration
An App integration is like other regular accounts you add to Cerby because users are granted access to them with the Owner or Collaborator role. For more information about roles, read the article How Cerby manages roles.
The user who adds the App and connects it to their user account with an admin role becomes the Owner and can extend this role to other users by sharing access with them to the App. Only users with an Owner role on the App can perform automated user management tasks from Cerby and trigger security policies.
Users who connect their user accounts to Cerby after being synced and matched are granted the Collaborator role on the App.
To start using this feature, the first step is to connect an app.