What is SaaS Discovery?
As a LeanIX EAM customer, you can use SaaS Discovery at no additional cost. With this capability, you can significantly speed up the process of getting Application data into LeanIX EAM.
SaaS Discovery integrates with a number of different sources (including SSO) to automatically pull a list of SaaS services. Any new service discovered via the integration can also be synced.
You can choose which services to import into your EAM workspace. Anything you import will be in line with our modeling guidelines for Applications, including linked IT Components and their Providers. This is a significant time saver and will allow you to start taking control of your SaaS software.
Important to note that the SaaS Discovery feature in LeanIX EAM does not provide insight to cost, adoptions, utilization, contracts, and other SaaS specifics. If you want to go beyond pure discovery of your SaaS services and know more about spend, usage, or renewals, the LeanIX SaaS Management Platform (SMP) has got you covered:
- SMP integrates with key enterprise systems such as SSO, CASB, expense management, and financial management, providing a one-stop-shop for SaaS-related data.
- It allows you to optimize usage and ensure proper entitlements, eliminate waste, and control SaaS spend.
- It enables business unit leaders to make informed decisions around the SaaS services they are leveraging.
- It surfaces unknown SaaS services in the organization, lowering security and compliance risks.
Setting up SaaS Discovery in EAM
All functionality, configuration, and also setup are available in the "SaaS Discovery" entry in the Admin menu.
The setup requires the following steps:
Activation of the SaaS Catalog feature
Signing the required contract amendment for data usage (only applies to a few customers)
Setting up integrations for Service Discovery
You can see the details on Data Usage here
Details on the SaaS Catalog
Within the platform capability Reference Catalogs, LeanIX provides an additional capability for SaaS applications, the SaaS Catalog. It provides up-to-date information for a large number of SaaS services and is automatically activated for all EAM customers opting in for SaaS Discovery. The catalog provides the following info:
- Name and description of the application
- (New) Product category
- (New) SSO Availability and Available Providers
- (New) Hosting type and description
- Logo (visible in the Self-Service Portal)
- Direct relation with an ITC
- Indirect relation from the ITC to the Provider
All fields with (New) will be provisioned and added to the data model on activation of the SaaS Catalog, provisioning cannot be undone, but fields and sections can be moved by admin.
The fields to be synchronized can be configured by the admin under the Reference Catalogs section in order to automate the update of your SaaS Applications.
Adding discovery integrations to SaaS Discovery
The foundation for continuous service discovery is active integrations into key enterprise systems. These enable LeanIX to identify and discover SaaS that is used throughout your organization.
Integrations can be added in the "Integrations" tab of SaaS Discovery.
Simply select the data source you want to integrate by clicking "Add integration". To set up the integration you need to provide credentials, more details on how to acquire those can be found in our discover integration documentation.
Available integrations are listed here. Please follow the links for setup details.
- Credit Cards
- Microsoft Azure Active Directory
Adding discovered SaaS to the Inventory
Once activated, admins will see the “SaaS Discovery” entry in the admin menu. On this page, users can see a complete list of all discovered applications and decide if they want to link (Matching Applications tab) or create (New Applications tab) new applications in their workspace. A third tab serves as a decision log and displays all resolved applications.
Admins can decide to forward these Import and Link to-dos to other users in the workspace using the "Select assignees" button of the expanded to-do. Be aware of the authorizations given to the assignees, as they need to be able to create and update Fact Sheets when interacting with the Import and Link to-dos.
In Matching Applications, the Fact Sheet column shows the recommended Application found in the workspace. Created on is the date when the application was discovered and the Decision column states if the admin decided to approve or reject the linking.
Every entry in the list can be expanded to review not only the description of the Application but also the dependencies that will be created/linked
Matching Applications also have the to-do item directly in the Fact Sheet, not only the admin can decide on the linking but also the Application owner.
Create new Applications from SaaS Discovery
In New Applications, the Fact Sheet column is always empty, as no matching Application has been found in the workspace. Created on is the date when the application was discovered and the decision column states if the admin decided to approve or reject the creation.
In addition to the Create feature, a Search feature is provided in case the admin knows an Application for the discovered one already exists in the workspace, but is still not linked to the catalog.
Review resolved Applications
Next to the Matching and New Applications tab the Resolved Applications tab shows you a list of all Import and Link to-do items that have been closed by rejecting or creating/linking the Application.
If you want to undo/change a linkage you can easily do this in the admin section under "To-Dos". Search the To-Do by name or filter by "closed" ones and set the Status to "Open" and the "Resolution" to "none" (see screenshot below). Then it will appear again under the Matching Applications/New Applications tab.
FAQ: Why I don't see any data in the SaaS Discovery section?
- The integration runs every night, check up the sync log and filter by name SMPtoEAM to understand the current state and wait for the next run.
- You don't have any newly discovered applications
SaaS Discovery in combination with the SaaS Catalog also provides details on the SSO. This includes information on the current SSO integration status, like if the Application is integrated with SSO (SSO Status = SSO Implemented) and which “SSO Provider” it is integrated with or if SSO is not implemented (SSO not implemented). If SSO is not implemented, the Provider is left empty.
The SaaS Catalog adds information on which Application can potentially be integrated with SSO (SSO Availability) and lists the available SSO Providers.
Updated 20 days ago