Please ensure Javascript is enabled for purposes of website accessibility
    Login
    Contents x
    Access Control Policies
    • 06 Dec 2023
    • 3 Minutes to read
    • Print
    • Dark
      Light
    • PDF
    Contents

    Access Control Policies

    • Updated on 06 Dec 2023
    • 3 Minutes to read
    • Print
    • Dark
      Light
    • PDF
    Article Summary

    Access Control Policies (ACPs) create a secure environment where all traffic coming from approved sources can reach the Scheduler widget for processing, and any unrecognized traffic is blocked.

    The Access Control Policies tab allows you to secure access to your Widgets in one of two ways:

    • By allowing specific IP addresses to send unlimited traffic from specified sources
    • By creating API Access Tokens that will be required with each API request

    screenshot of the access control policy page

    Create an ACP

    New Access Control Policies can be created in two different ways. You can choose to start fresh with a new, empty policy, or clone an existing policy to start with an existing list of allowed IP addresses. If you choose to clone an Access Control Policy, you can then add or remove IP addresses and API Access Tokens from the new policy as needed to fit its intended purpose.

    Create an Access Control Policy

    Quick Access: Scheduler > Access Control Policies

    IP Addresses

    1. To create a new Access Control Policy with nothing configured, click Add Access Control Policy, or...
    2. To use an existing Access Control Policy as a template for the new one, click the Clone icon in the row corresponding to the policy that you wish to clone. 
    3. Enter a unique name for the new policy in the Name field.
    4. Enter a description to further identify the new policy in the Description field.
    5. If you are cloning an existing Access Control Policy, click Save, then click the Edit icon on the new row associated with the policy to continue.
    6. Click Add Whitelisted IP Address to add an IP address to the whitelist.
    7. In the Add Whitelisted IP Address modal window, enter the IP address in the Address field. If you wish to use the IP address of the server you are using to access the Mindful Callback UI, you can click Use my IP address to automatically populate it in this field.
    Tip

    To add a range of IP addresses, follow CIDR notation:

    For example, if you want to use the IP addresses 1.1.1.0 to 1.1.1.255, then you would enter 1.1.1.0/24 into the Address field.

    /24 is the largest block size that is allowed.

    Screen capture of Add Whitelisted IP Address modal

    1. Enter descriptive text to identify the server in the Description field.
    2. Click Save to return
    3. Repeat Steps 6-9 for any additional IP addresses you would like to add to the new Access Control Policy.

    API Access Tokens

    Generate an API Access Token if you want to integrate your widget and ACP with other Mindful applications. API Access Tokens can be added at any time. Here is how you add one during the ACP creation process.

    1. In your in-progress ACP, scroll down to the API Access Tokens section and click Add API Access Token.
    2. On the Add API Access Token modal, give your token a name. We recommend that you name it so that other system admins know where you're using the token.
    3. Click Save.

    When you're done configuring your ACP, you can return to the Access Control Policies page to see a list of your ACPs.

    NOTES
    • Your organization may create up to 100 Access Control Policies (ACPs). This includes original and cloned ACPs.
    • Each ACP may have up to 10 IP address entries assigned. An identified range of IP addresses counts as one entry.
    • Each ACP may have up to five (5) API Access Tokens applied to it.

    Apply an ACP

    After creating an Access Control Policy, use the following steps to apply it to a widget or to your organization.

    Apply an ACP to a Widget

    Quick Access: Scheduler > Widgets

    1. On the Widgets tab, click the Edit icon in the row corresponding to a particular widget.
    2. Use the Access Control Policy dropdown menu to select a policy to apply.
    3. Save your changes.

    Apply an ACP to the Organization-wide API

    Quick Access: Scheduler > API

    Apply an ACP to all of the API Endpoints on the Scheduler API screen. On the Scheduler API screen, use the Access Control Policy dropdown menu to select a policy to apply.

    Was this article helpful?
    What's Next
    Change password!
    Changing your password will log you out immediately. Use the new password to log back in.
    Change profile
    Success!
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.
    Logout