Creating Extranets Overview

The user permission group 'All registered' will include extranet users once they are created. Therefore any content across your site using 'All registered' will need to be altered (if no longer appropriate) to prevent extranet users from being able to access these.
The groups 'extranet area: primary area', 'extranet area: xxxx' etc should be used to differentiate between these areas in permissions. More information below in the permissions section.

 

Included in this article

  1. Overview
  2. Extranet licenses
  3. Creating a new extranet area
  4. Permissions 
  5. Setting the themes and design for each extranet
  6. Example
  7. Testing
  8. Management

 

1 - Overview

Extranets are set up to give partners, stakeholders, suppliers, customers, or other groups of users access to your intranet. Claromentis supports unlimited levels of extranet areas. 

The main functionality of an extranet is to allow different groups of users to access the intranet without being able to see each other. Each extranet will be able to see its own extranet users and all the primary area users, but they will not be able to see users from another extranet. Your primary area will be able to see all users in all extranets.
 

This is further explained here - it's crucial your team understand how this works before proceeding


You can attribute a new theme, homepage, and menu to Extranets if you require them to see different information from your primary area users. (This can be a shared extranet homepage or one per Extranet depending on your requirements)

As there is much to consider and configure when creating an Extranet, it is recommended to create a test user account in each extranet you will be creating. This will allow you to log in and check what that extranet can see/access and make changes if required. Once satisfied you can delete the test account, freeing up the extranet user license.

Access to the extranet control panel (Admin > Extranet) is required to create an extranet, so ensure users have been made an application administrator of the Extranet application ahead of time.

 

2- Extranet Licences

Extranet licenses are taken from your full quota of users but are kept separate for licensing.

You will not be able to create an extranet area until at least one extranet user license is available on your site.

To request additional licenses or to change a portion of your intranet licenses to extranet licenses will require our support. Please take a look here.

 

3- Creating a new extranet area

Navigate to Admin > Extranets.

As long as you have at least one extranet user license available you will see the green button below to add a new area.

If you do not see this button you will need to add some extranet licenses as mentioned above via this user license request form

You will be able to input the extranet area name, if this extranet is *read-only, the description and also select a logo. Once you have submitted this you will get a pop-up to tell you that the extranet has been created. 

*A read-only extranet means that all users are not permitted to add documents, create content pages or add forum posts.


On this screen, you will be presented with a list of all users. Choose which users should go into this extranet either by selecting them or searching their name and submitting when all are included.

Please note: You can make changes to the areas users are in freely over time, so the choices made here initially are not final.

 

You can also assign or check a user area in their profile here: 

 

Once you have submitted your extranet you will be taken back to the main page where you will be able to edit or delete other extranets by clicking on the pencil icon.

If ever deleting an extranet you will be asked if you would like to move these users to another area, otherwise, the only option is to delete the users alongside the extranet, which is not reversible if completed.

 

 

4- Permissions

Setting permissions within an extranet is the same as setting permissions across the system.

Extranets can be selected in the same way as a People Role or Group from any permissions picker across the system and select what permissions are given per application.

The name of the extranet will follow the prefix 'Extranet area' for easy locating when entering permissions.

 

It is important to understand Extranet users will be included in the 'All registered' permissions group once they are created.

This is because the 'All registered' group is hardcoded to include all registered profiles on a site, regardless of their 'area'.

Therefore anywhere that 'All registered' has been used on your site before creating your extranets, will need to be changed if its now decided extranet users should not have access to that area.

 

e.g. An established News channel has 'All registered' with view permissions, however, we now only wish for primary area users to see this News as it's not for extranet users, so permissions can be changed as below.

This ensures that only primary area users are now included and all extranet users have been excluded.

 

If we changed our mind and wanted one extranet to be able to see this news, their group can be simply entered into permissions and this saved:

 

There is no way to see all permissions across the site at once and tweak these.

Every application will need to be checked for front-end/admin side permissions that are set up to only allow access to users you wish and if not, to make the necessary manual changes to correct this.

Please note - Document application specifically - when making changes to the top-level folders, removing 'All registered' from the root will remove all instances of groups/roles related down the subfolder levels e.g. the loss of a lot of permissions further down the directory that will effect primary area users. If you require changes to Document permissions - like removing 'All registered' - start from the lowest level in the directory and work upwards making permissions alterations towards the parent folder/root - this will retain permissions and avoid access losses.

 

Furthermore, you may wish to consider only giving access to the Intranet applications extranet users will be using (if any), and ensure the list given is as minimal as possible.

Change permissions on application list icons to exclude your extranet area users via Admin > Menu Builder > Applications

There is an option in the design panel to hide the applications list in the theme from the header, which can be useful to prevent an extranet user from accessing anything that is not on the homepage or menu.

Please note: A user will be able to click through to the applications that are used as components on a page, even if they don't have permission to the application icon in their list. Only place components on the homepage you would be happy for an extranet user to click through to and see content they have permissions for in that application.

 

5 - Setting the themes and design for each extranet

You may want your site to have a different look and feel for the extranet users. This can be achieved by visiting the design panel, creating a custom theme, and forcing it for an extranet group.

Create a new homepage in the Pages application and ensure all components used on it have information that extranet users will be able to view e.g. News slider set to channels that have been made for extranet users/they are allowed to see and are defined in permissions for.

A new menu can be created for Extranet users with pared-down menu items and selected to display in their theme. e.g. Links to external sites or internal Intranet pages they have permissions for.

Setting themes means the extranet areas could have a different home page and menu from the primary area users. However, the permissions are the same across all designs.

 

6- Example

The video below demonstrates two extranet areas that have been created, as well as having their own theme forced, an extranet homepage and a specialised menu.

 

 

The video loop below demonstrates the primary area users experience when they log in. Notice the theme, menu, and homepage they see as well as the amount of application icons listed.

 

The video loop below demonstrates an extranet user experience when they log in. Notice the theme, menu, and homepage they see, as well as the amount of application icons listed.

 

 

7. Testing

Final checks can be carried out by administrators once all content/permissions have been put in place for extranet users and before they begin logging in.

This is to ensure the extranet user experience fits your requirements and that they can only access what you want them to. 

(A test user can be added per extranet being created so these checks can be performed for each)

  • Log in via your test extranet user accounts, and navigate around to check all is well.
  • If any tweaks are required, log out and back into your administrator account to make alterations to content or permissions.
  • Log back into the test account and check the changes were updated and are now satisfactory.
  • Repeat until each extranet experience is as you desire.
  • Delete the test accounts used for the extranets once finished to free up the user license for a real user.

Once extranet users begin logging in, administrators should already know what their extranet experience will be after testing it themselves, leaving no concern over what they can access.

 

8. Management

Following the set-up of the extranets and users being added, administrators will simply be managing the extranet and its content in the same way as they have been for the primary area since having the system; using the 'extranet area: xxxx' group in permissions where applicable and uploading new content for extranets users as standard.

 

Created on 10 October 2019 by Hannah Door. Last modified on 17 July 2024

Was this helpful?  

Share