Smart Access Gateway (SAG) supports enterprise codes. SAG allows you to associate usernames of client accounts with enterprise codes. Enterprise codes are used as globally unique identifiers to identify users. Users are assigned usernames, passwords, and enterprise codes that can be used to log on to the SAG app and access the private network of the enterprise.
Introduction to enterprise codes
An enterprise code is five characters in length and consists of letters and digits. Each SAG APP instance has an enterprise code. After you create a client account for a user, the user can log on to the SAG app with the username and password of the client account and the enterprise code.
Enterprise codes are classified into default enterprise codes and custom enterprise codes. Their differences are:
- Default enterprise codes: SAG automatically assigns a default enterprise code to each
Alibaba Cloud account. Default enterprise codes are globally unique.
Each SAG APP instance is assigned a default enterprise code.
- Custom enterprise codes: You can create custom enterprise codes. Custom enterprise
code must be globally unique.
- You can associate an SAG APP instance with a custom enterprise code. A custom enterprise code has a higher priority than a default enterprise code.
- You can set a custom enterprise code as the default enterprise code. After a custom
enterprise code is set as the default enterprise code, the previous default enterprise
code becomes a custom enterprise code.
After you change the default enterprise code of an SAG APP instance, all SAG APP instances purchased after this change are assigned a new default enterprise code. The default enterprise codes of existing SAG APP instances remain unchanged. SAG allows you to change the enterprise code of existing SAG APP instances to a new default enterprise code.
For more information, see Manage enterprise codes.
The following table describes the scenarios where enterprise codes are used.
Account | Resource | Same enterprise code | Different enterprise codes |
---|---|---|---|
Same Alibaba Cloud account | Two SAG APP instances that are deployed in the same region or in different regions | Supported.
By default, all SAG APP instances use the default enterprise code. |
Supported.
You can create custom enterprise codes and change the default enterprise code of an SAG APP instance to a custom enterprise code. Custom enterprise codes must be globally unique. For more information, see Manage enterprise codes. |
Different Alibaba Cloud accounts | Two SAG APP instances that are under different Alibaba Cloud accounts | Not supported.
Each Alibaba Cloud account is assigned a default enterprise code. Default enterprise codes are globally unique. |
Supported.
The default enterprise code assigned to each Alibaba Cloud account is globally unique. |
Enterprise codes and usernames
After you associate usernames of client accounts with an enterprise code, the enterprise code is used as a globally unique identifier to identify users.
When you create a client account for an SAG APP instance, you must specify a username for the client account. The combination of the username and the enterprise code of the SAG APP instance must be globally unique.
The following table describes whether you can create client accounts with duplicate usernames.
Account | Resource | Same enterprise code | Different enterprise codes |
---|---|---|---|
Same Alibaba Cloud account | Two SAG APP instances that are deployed in the same region | The two SAG APP instances do not support client accounts that have duplicate usernames. | The two SAG APP instances support client accounts that have duplicate usernames.
When users log on to the SAG app with client accounts that have duplicate usernames, the users must specify their own enterprise codes. |
Same Alibaba Cloud account | Two SAG APP instances that are deployed in different regions | The two SAG APP instances support client accounts that have duplicate usernames only
when the roaming feature is enabled for the clients.
For more information, see Configure roaming for clients. |
|
Different Alibaba Cloud accounts | Two SAG APP instances that are deployed in the same region or in different regions | Not supported.
By default, the enterprise codes of SAG APP instances under different Alibaba Cloud accounts are unique. |