Here are described the operational and technical actions to be properly prepared for CoreView onboarding activities, in order to make the procedure as smooth as possible, anticipating any issues that may arise.
Subscription
CoreView utilizes Entra ID applications and the Microsoft 365 Management API to obtain the necessary consents for reading from and writing to your Microsoft tenant.
To facilitate this integration, you need to have either a Microsoft 365 subscription or an Entra ID Premium P1 or P2 subscription.
In particular, one of the following subscriptions is required to fully integrate CoreView with your Microsoft 365 tenant:
Microsoft 365 subscription
CoreView supports various Microsoft 365 plans, including:
- E1
- E3
- E5
- F1
- F3
These subscriptions provide foundational access to the Microsoft 365 suite and the capabilities required for integration with CoreView.
Entra ID Premium P1 or P2
Both Entra ID Premium tiers offer essential features for application management and API access:
- Entra ID Premium P1: includes advanced identity management and security features.
- Entra ID Premium P2: adds comprehensive identity protection and governance capabilities.
These premium subscriptions enable you to register your application in Microsoft Entra ID and obtain the necessary permissions to interact with the Microsoft 365 Management APIs.
For more information, visit the Microsoft documentation.
Owner account
At the beginning of the onboarding process, you will be required to log in using a Microsoft Office 365 account that has been granted the Global Administrator role. This account belongs to the individual who will be designated as the owner of CoreView.
The administrative credentials (Microsoft 365 admin username and password) you provide during the sign-up are not stored or retained by CoreView.
Understanding the owner account
Who is the owner?
This owner is an individual that:
- collaborates with us throughout the onboarding process and will make configuration decisions for CoreView
- serves as the main point of contact for important communications, such as being contacted by the Customer Experience/Support team in case any issues arise during data import
- is the primary person your CoreView Customer Success Manager (CSM) plans to meet regularly
What is the purpose of the owner account for CoreView?
This account is temporarily utilized by CoreView during the initial stage of the onboarding procedure. Its function is to establish a connection with your Microsoft 365 tenant and to begin the creation of your CoreView Tenant.
What characteristics must the owner account have?
- It must be a valid Microsoft Office 365 organizational account, meaning one that is associated with a work or school account.
- The account must be granted the Global Administrator role.
- It does not require an assigned Office 365 license
- It can be a cloud-only account, such as:
im_a_admin@yourtenant.onmicrosoft.com
Our suggested practice
To ensure efficient onboarding, it is recommended that you use two separate accounts:
- The first account will receive the activation link and serve as the contact point for support in case of any issues.
- The second account, used for providing consents, is generally different from the first account and typically does not have an associated email address for sending communications. You can create this second account solely for activating CoreView and may choose to delete it afterwards to maintain security.
Mitigating potential credential issues with the owner account
Edit account owner information
The account owner information (first name, last name) is populated with data from the Entra ID account.
If a change is needed, you'll have to edit the account information in Microsoft 365 before initiating the onboarding procedure. Please note that there may be a delay before the name change is synchronized with CoreView.
Enrollment credentials do not possess the Global Admin role
You should ask your Global Tenant Admin to provide you these credentials in order to be able to register the trial.
Alternatively, you can ask him or her to create a temporary Global Tenant Admin for the trial registration.
If you have created a test tenant for trial registration, please wait until the Global Admin account is synchronized with the Microsoft 365 portal and confirm that at least one E1 license is assigned to the user on the Microsoft 365 portal.
Account is not valid
You must use a valid Microsoft 365 Global Admin role organizational account.
The best practice is to use a mail-enabled, cloud-only account, such as one that ends in:
@yourtenant.onmicrosoft.com
The use of any accounts associated with @live.com, @outlook.com, and so on will cause the onboarding process to fail.
Browser
- CoreView is cloud-based and, therefore, can be used from your workplace, from home, or, if necessary, using a mobile device such as a tablet or smartphone.
- The platform is optimized for use with Google's Chrome and Microsoft's Edge (Chromium version) web browsers.
While it's possible to use CoreView on other browsers, such as Firefox, Safari, Opera, and so on, those browsers are not supported.
Review DNS and IP Addressess
CoreView relies on a small collection of application services, each with its own unique URL. If your organization has enterprise networking, security, or DNS services you should review these URLs to determine whether any network, firewall, or other network changes are necessary to accommodate these access points. This will ensure that your organization can successfully utilize CoreView.
Application URLs used by CoreView
Main CoreView URLs and related CDNs:
*.coreview.com
*.4ward365.com
*.loginportal.online
*.msecnd.net
*.cloudflare.com
*.bootstrapcdn.com
*.mapbox.com
*.openstreetmap.org
*.flexmonster.com
*.highcharts.com
https://spoprod-a.akamaihd.net
https://use.fontawesome.com
https://fonts.gstatic.com
https://themes.googleusercontent.com
Support links:
*.uservoice.com (NPS and submit feedback)
*.zendesk.com (Support chat and open tickets from portal)
* pendo.io
*.heapanalytics.com
Logging:
*.visualstudio.com
https://api.segment.io
https://cdn.segment.com
Depending on your organization's security requirements, it may be necessary to explicitly allow the IP addresses associated with the CoreView Azure environment.
CoreView Data Center IP Addressess
Data centers and IPs
If you need the list of CoreView's data centers and related IPs, we can provide you with a detailed table.
You can request the table from your designated Technical Account Manager or by contacting support.
Disable MFA for service accounts and configure conditional access
To ensure that CoreView services will still be able to run properly from the data center you are hosted in, while maintaining high levels of security, its needed to:
- disable MFA for service accounts
- and set Conditional Access to grant access only inside the CoreView data center
This ensures that CoreView has the necessary permissions to import your tenant's data, through the creation of service accounts in your tenant.
Whitelist CoreView Application Sender Accounts
CoreView relies on several electronic mail accounts to originate emails and/or for essential communications. To ensure that you receive all emails, you have two options: whitelist specific email addresses or whitelist the entire CoreView domain.
Whitelist specific email address
We recommend whitelisting these addresses:
-
noreply@coreview.com
This account is used to support scheduled reports and for important communications from CoreView to our customers and partners. -
marketing@coreview.com
From time to time, our Marketing department will communicate to our customers and partners on topics of interest, such as upcoming webinars, blogs and so on.
Recipients of these emails can easily unsubscribe if needed.
Whitelist domain
Alternatively, instead of whitelisting specific email addresses, you can choose to whitelist the domain @coreview.com.
Need help? We are here for you!
Should you encounter any difficulties during the onboarding process, there is a live support chat available throughout the process. You can find the button to open it on the screen in the bottom right corner.