Onboarding preparation checklist

  • Last update on November 29th, 2024

Here are described the operational and technical actions to be properly prepared for CoreView onboarding activities, in order to make the procedure as smooth as possible, anticipating any issues that may arise.


Subscription

CoreView utilizes Entra ID applications and the Microsoft 365 Management API to obtain the necessary consents for reading from and writing to your Microsoft tenant. 

To facilitate this integration, you need to have either a Microsoft 365 subscription or an Entra ID Premium P1 or P2 subscription.

In particular, one of the following subscriptions is required to fully integrate CoreView with your Microsoft 365 tenant:

Microsoft 365 subscription

CoreView supports various Microsoft 365 plans, including:

  • E1
  • E3
  • E5
  • F1
  • F3

These subscriptions provide foundational access to the Microsoft 365 suite and the capabilities required for integration with CoreView. 

Entra ID Premium P1 or P2

Both Entra ID Premium tiers offer essential features for application management and API access:

  • Entra ID Premium P1: includes advanced identity management and security features.
  • Entra ID Premium P2: adds comprehensive identity protection and governance capabilities.

These premium subscriptions enable you to register your application in Microsoft Entra ID and obtain the necessary permissions to interact with the Microsoft 365 Management APIs.

For more information, visit the Microsoft documentation.


Owner account

At the beginning of the onboarding process, you will be required to log in using a Microsoft Office 365 account that has been granted the Global Administrator role. This account belongs to the individual who will be designated as the owner of CoreView.

The administrative credentials (Microsoft 365 admin username and password) you provide during the sign-up are not stored or retained by CoreView.

 

Understanding the owner account

Who is the owner?

This owner is an individual that:

  • collaborates with us throughout the onboarding process and will make configuration decisions for CoreView
  • serves as the main point of contact for important communications, such as being contacted by the Customer Experience/Support team in case any issues arise during data import
  • is the primary person your CoreView Customer Success Manager (CSM) plans to meet regularly
 
 

What is the purpose of the owner account for CoreView?

This account is temporarily utilized by CoreView during the initial stage of the onboarding procedure. Its function is to establish a connection with your Microsoft 365 tenant and to begin the creation of your CoreView Tenant.

 
 

What characteristics must the owner account have?

  • It must be a valid Microsoft Office 365 organizational account, meaning one that is associated with a work or school account.
  • The account must be granted the Global Administrator role.
  • It does not require an assigned Office 365 license
  • It can be a cloud-only account, such as:
 im_a_admin@yourtenant.onmicrosoft.com
 
 

Our suggested practice

To ensure efficient onboarding, it is recommended that you use two separate accounts:

  1.  The first account will receive the activation link and serve as the contact point for support in case of any issues
  2. The second account, used for providing consents, is generally different from the first account and typically does not have an associated email address for sending communications. You can create this second account solely for activating CoreView and may choose to delete it afterwards to maintain security. 
 
 

Mitigating potential credential issues with the owner account

Edit account owner information

The account owner information (first name, last name) is populated with data from the Entra ID account. 

If a change is needed, you'll have to edit the account information in Microsoft 365 before initiating the onboarding procedure. Please note that there may be a delay before the name change is synchronized with CoreView.

 
 

Enrollment credentials do not possess the Global Admin role

You should ask your Global Tenant Admin to provide you these credentials in order to be able to register the trial. 

Alternatively, you can ask him or her to create a temporary Global Tenant Admin for the trial registration. 

If you have created a test tenant for trial registration, please wait until the Global Admin account is synchronized with the Microsoft 365 portal and confirm that at least one E1 license is assigned to the user on the Microsoft 365 portal.

 
 

Account is not valid

You must use a valid Microsoft 365 Global Admin role organizational account.
The best practice is to use a mail-enabled, cloud-only account, such as one that ends in:

@yourtenant.onmicrosoft.com

The use of any accounts associated with @live.com, @outlook.com, and so on will cause the onboarding process to fail.

 
 

Browser

  • CoreView is cloud-based and, therefore, can be used from your workplace, from home, or, if necessary, using a mobile device such as a tablet or smartphone.
  • The platform is optimized for use with Google's Chrome and Microsoft's Edge (Chromium version) web browsers.

While it's possible to use CoreView on other browsers, such as Firefox, Safari, Opera, and so on, those browsers are not supported.  

 

Review DNS and IP Addressess

CoreView relies on a small collection of application services, each with its own unique URL. If your organization has enterprise networking, security, or DNS services you should review these URLs to determine whether any network, firewall, or other network changes are necessary to accommodate these access points. This will ensure that your organization can successfully utilize CoreView.

Application URLs used by CoreView

Main CoreView URLs and related CDNs: 
*.coreview.com 
*.4ward365.com 
*.loginportal.online 
*.msecnd.net 
*.cloudflare.com 
*.bootstrapcdn.com 
*.mapbox.com 
*.openstreetmap.org 
*.flexmonster.com 
*.highcharts.com 
https://spoprod-a.akamaihd.net 
https://use.fontawesome.com 
https://fonts.gstatic.com
https://themes.googleusercontent.com

Support links: 
*.uservoice.com (NPS and submit feedback) 
*.zendesk.com (Support chat and open tickets from portal) 
* pendo.io 
*.heapanalytics.com

Logging: 
*.visualstudio.com 
https://api.segment.io 
https://cdn.segment.com

Depending on your organization's security requirements, it may be necessary to explicitly allow the IP addresses associated with the CoreView Azure environment.

CoreView Data Center IP Addressess

Data centers and IPs

If you need the list of CoreView's data centers and related IPs, we can provide you with a detailed table.

You can request the table from your designated Technical Account Manager or by contacting support.

 

 

 

 
 

Disable MFA for service accounts and configure conditional access

To ensure that CoreView services will still be able to run properly from the data center you are hosted in, while maintaining high levels of security, its needed to:

This ensures that CoreView has the necessary permissions to import your tenant's data, through the creation of service accounts in your tenant.


Whitelist CoreView Application Sender Accounts

CoreView relies on several electronic mail accounts to originate emails and/or for essential communications. To ensure that you receive all emails, you have two options: whitelist specific email addresses or whitelist the entire CoreView domain.

Whitelist specific email address

We recommend whitelisting these addresses:

  • noreply@coreview.com 
    This account is used to support scheduled reports and for important communications from CoreView to our customers and partners.
  • marketing@coreview.com 
    From time to time, our Marketing department will communicate to our customers and partners on topics of interest, such as upcoming webinars, blogs and so on.

Recipients of these emails can easily unsubscribe if needed.  

 
 

Whitelist domain

Alternatively, instead of whitelisting specific email addresses, you can choose to whitelist the domain @coreview.com.

 
 

Need help? We are here for you!

Should you encounter any difficulties during the onboarding process, there is a live support chat available throughout the process. You can find the button to open it on the screen in the bottom right corner.