Your Account

In order to access settings for your account, billing information, etc. click on the circular profile photo or image towards the top right of the screen. A drop-down menu will appear with a number of menu items including Profile, Billing, etc. Click on one of those menu items in order to access your account.

Profile

The first menu item you will see is Profile. From this tab you can edit your name, username and email. You will also see your profile photo which can be set using Gravatar (opens new window).

In this tab you will also find that you have the ability to change your password. You can also delete your account here. If you delete your account all of your networks and surveys and all associated data will be immediately removed. Billing will also stop immediately.

Billing

The third menu item is Billing. Here you can find a dashboard summarizing the number of public and private networks that you currently have compared to the maximum number of public and private networks that you can have under your current plan. You will also see a summary of the total number of respondent credits that you have available to use.

To purchase respondent credits click the Buy Credits or Request Credits link at the bottom of the Respondent Credits box. If you have an individual account you will be able to buy credits immediately on your credit card. If you have an organizatonal account you will be able to request the number of credits you need and we will reply to your request via email and follow-up with an invoice.

Individual accounts will also see a sub-heading called Plan. It's here that you can upgrade or downgrade your plan. Organizational users will just see a single box indicating that they have an Enterprise account.

The final heading in this section is Credit Card. It's here that you are able to enter your credit card details if you are using an individual account. Organizatinal users will not see this credit card input as as billing for enterprises is managed by the Owner of the organization and a summary for the whole organization is provided to admin users under the Organization menu.

API Access

In order to use the Polinode API you will need to generate a set of Public and Private keys. Click on the New API Key button to generate these keys and then enter your password. You will then see a Public and Private API key in a dialogue. Copy and paste these keys and store them somewhere secure - you should treat these keys like your password and not disclose them to anyone else. Polinode does not store your private API key so you will want to make sure to store this yourself before closing the dialogue.

Once you have generated a set of API keys you will see them in a table that includes the date and time they were created. You should make sure that only those keys that you are actively using are in this table and delete old keys by clicking the delete button once you are finished with them.

Organization

ENTERPRISE USERS

Organization management is only available to Enterprise and Partner accounts.

Enterprise and Partner accounts are provisioned as organizations rather than individual accounts. Each organization can have multiple individual accounts, each with different levels of access to the organization. The highest level of permissions for an organization is an Admin account for that organization. If you are an Enterprise or Partner user and are the Owner of the organization or have an admin account for your organization then you will see you will see the name of your organization towards the top right in the header. Clicking on the name of your organization will show a menu containing User Management and Organization Settings.

Organization Dashboard

Clicking on either User Management or Organization Settings will bring you to a screen that allows you to manage the Organization. The first thing you will see on that screen is a dashboard that summarizes four metrics related to billing:

1. Public Networks: The total number of public networks used across the organization compared to the total number of available public networks. Since public networks are deactivated by default you won't see this tile unless you have acticated public networks for your organization.
2. Private Networks: The total number of private networks used by the organization compared to the total number of available private networks.
3. Respondent Credits: The total number of respondent credits currently available to the organization. To purchase more respondent credits for the organization simply click on the Request Credits link.
4. Organization Users: The total number of users that have been provisioned for the organization compared to the total number of users that may be provisioned at any one time.

Users

The Users tab is where admin users for the organization can provision and manage users for the organization. To provision a user for the organization click on the Add User button and a dialogue will appear with the following fields:

1. Name: The name of the user that you are creating an account for.
2. Email: The email of the user that you are creating an account for.
3. Permissions Level: The level of permissions that the new user should have for the organization. Please see below for details.

There are five levels of permissions for organization users (four of which are available as options when provisioning a new account):

1. Owner: There is only one owner for any organization. Please contact support to add or edit the owner of the organization. An owner has Admin permission but cannot be removed from the organization.
2. Admin: A user with Admin permission will be able to add, edit and remove users for this organization as well as create networks and surveys and edit the settings for the organization.
3. Standard User: A user without Admin permission but with regular permissions, i.e. they will have the ability to create networks and surveys.
4. Access-only: A user with Access-only permission will only be able to access networks and surveys created by other users and cannot create new networks or surveys themselves.
5. Simplified Access-only: The same as Access-only but the user will not see the full left-hand-side menu in the explore view but rather only the open views button

It is also possible to manage users in bulk by using the Download User List and Upload User List buttons. This works in a similar way to Respondent Lists in the sense that to make an edit you should first download the current user list and then make additions, deletions, edits in that list before uploading the updated list.

At any time you may edit the permissions and settings of a user by using the edit button. Furthermore, you may delete a user by clicking the delete button. A confirmation dialogue will appear and, once confirmed, the user will be deleted together with all the networks and surveys that they are the owner of. When you delete a user you will be presented with the option to transfer all of the networks or surveys owned by that user to another user in the organization.

Settings

The second tab in the organization section is the Settings tab. There are six settings that an admin user may change for an organization:

1. Name: The name of the organization may be edited here.
2. Prevent Public Networks: By default organization users are not able to upload public networks. If you would like to allow the upload of public networks you may switch it on and off here for all users. Prior to activating this functionality please get in touch with support to request an increase in the default public networks limit if required.
3. Prevent Support Access: If this is set to yes then Polinode support will not be able to access any user accounts in the organization.
4. Prevent Sharing Outside of Organization: If this is set to yes then users within the organization will not be able to grant access to any surveys or networks to users that are not in the organization (i.e. other Polinode users that are not a member of the organization).
5. Session Time: The default session time (i.e. time before a user is logged out for inactivity) is 60 minutes. This can be configured to a greater or lesser amount depending on the security requirements of the organization.
6. SAML: Click "Enable" to enable SAML 2.0 Single Sign On for your organization. This will open a dialogue that provides you with two URL's and also space to input two items from your SSO Identity provider as detailed below.

SAML Setup

When you click the Enable button for SAML Polinode provides you with the following two SAML inputs:

1. ACS URL: This is in the form https://app.polinode.com/saml/consume/exampleOrganization and is the URL that you should enter into your Identity Provider to be redirected to after your Identify Provider has authenticated you. It is the ACS URL, i.e. Assertion Consuer Service URL.
2. SP Entity ID:: This is a unique URL for your organization and will be in the form https://app.polinode.com/saml/login/exampleOrganization. If a user from your organization visits this URL they will be redirected to your Identity Provider for authentication before then being directed back to the ACS URL. This URL is unique to your organization. The SP Entity ID (Service Provider Entity ID) should be inputted in your Identity Provider. You may also enter this as the Issuer in your Identity Provider.

In order to setup SAML you will also need to input the following four items which will either be provided by your Identity Provider or chosen by you:

1. IDP URL: This may look something like https://sso.yourIdentityProvider.com/saml2/polinode. This is the URL that Polinode will redirect users in your organization to if they visit the Direct Signin URL or otherwise try to sign into the application.
2. Allow IDP Initiated: Whether or not Polinode should allow a SAML login request initiated by your identity provider or not.
3. Signature Algorithm: The RSA signature algorithm to use for signing responses and assertions. The default is sha256 and you should ensure in your IDP setup that both the response and assertion are signed with the algorithm that you specify here.
4. x.509 Certificate: This is a certificate provided from your Identity Provider that is uniqe to Polinode and your organization in that Identity Provider. It is used to ensure that only valid authentication requests succeed. It will be in the form:

-----BEGIN CERTIFICATE----- MIIFfjCCA2agAwIBAgIUYu1AahdXxB2APik0R8ITRYMcAQQwDQYJKoZIhvcNAQEL BQAwdzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNPMRAwDgYDVQQHEwdCb3VsZGVy ....ommitted... IxWzdXQT93keDA468B3CvkwQaZ6kYT91VI+voAO7yHJToER0S920iJxmgK2hfBxg JlJ4nUvJm3oNvi3Tsquc33a+KV0IEb9szw7wUp4ZUSh4uAu22rVpRF0/6CNfAotW 5OouQTmPrTpP394wBCeF0O3P
-----END CERTIFICATE-----

Once you have entered the inputs from Polinode into your Identity Provider and then inputted the IDP URL and x.509 Certificate from your Identity Provider into the dialogue you will be able to click the Activate SAML button. SAML will then be setup for your organization. If you need to enter an assertion in your provider please use urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress. Both the assertion and response should be signed and you should select the RSA-SHA256 algorithm for signing.

Polinode supports both IDP-initiated Sign-On (i.e. where a user goes to say Okta and initiates a login that way) and SP-initiated Sign-On (where the user navigates to say https://app.polinode.com/saml/login/exampleOrganization or enters their email at https://app.polinode.com/login). When setting up SAML in your Identity provider you may use the Polinode icon available at https://docs.polinode.com (opens new window) as the logo.

We do not support provisioning or deprovisioning accounts through SSO (they still need to be managed under Organization in the Polinode application). We also do not support single logout (as opposed to single sign on).