Skip to main content
Alphabetical reference for the terminology in this documentation.

Access Policy

A per-Context ruleset that controls which Sign In Modules are offered to which audiences, along with session length, device limits, and per-module overrides. See Sign In Access Policies.

Admin Dashboard

The browser-based admin application you sign in to after picking an Organization. The surfaces visible to you in the Admin Dashboard are determined by your role bindings in that Organization. See Platform overview.

Administrator

A User with one or more role bindings in an Organization. See Administrators.

Audit Log

A time-ordered record of administrative actions. Exists at Organization scope and at Context scope. See Audit Log.

Captive Portal

A web-based authentication page a guest reaches when connecting to a Sign-In-controlled guest network. See Sign In overview.

Context

A Service instance inside an Organization. Each Service (Sign In, EntryPoint, EasyPSK for Cisco Networks, Endpoint Manager for Cisco ISE) is consumed as a Context. An Organization can run many Contexts of the same type. Also referred to as a Service Context.

Context-scope

An activity or role binding that applies to one specific Service Context, not to the Organization as a whole. See Users and roles.

EasyPSK for Cisco Networks

One of the four Services. One private Wi-Fi bubble per apartment, room, or unit on a shared Cisco Meraki SSID. The in-product label is Meraki WPN. See EasyPSK for Cisco Networks overview.

Endpoint Manager for Cisco ISE

One of the four Services. Delegated, per-group administration of MAC-authorised endpoints in your own Cisco ISE. The in-product label is ISE Device Management. See Endpoint Manager overview.

EntryPoint

One of the four Services. RADIUS-as-a-Service for 802.1X, MAB, and Identity PSK. See EntryPoint overview.

iPSK

Identity PSK. A wireless authentication method where each user or device has its own pre-shared key on a shared SSID.

Organization

The customer-level container on Netgraph Connectivity Platform. Holds administrators, configuration, and every Service Context. See Organization overview.

Organization-scope

An activity or role binding that applies to the Organization as a whole — every Service Context and every Organization-level surface. See Users and roles.

RADIUS

A network-authentication protocol. EntryPoint is a cloud-hosted RADIUS server; Sign In’s RADIUS Module uses RADIUS to call an external server for credential validation.

Role

A named set of permissions, bound to a User at either Organization scope or Context scope. See Users and roles.

SAML

Security Assertion Markup Language. Used to federate sign-in with an external identity provider such as Microsoft Entra ID, Google Workspace, or Okta. See Admin Portal authentication.

Self-Service portal

The end-user portal where people with a per-resource role in a Service Context — residents managing a Wireless Personal Network, conference hosts, ISE-group delegated administrators — sign in for that one resource. Distinct from the Admin Dashboard; different URL, different audience.

Service

Netgraph Connectivity Platform has four Services: Sign In, EntryPoint, EasyPSK for Cisco Networks, and Endpoint Manager for Cisco ISE. Each Service is consumed as a Context inside an Organization.

Sign In

One of the four Services. Cloud-hosted guest network with a Captive Portal and a range of sign-in methods. See Sign In overview.

Sign In Module

An authentication method available inside a Sign-In Context. Examples: Meeting Hosts, Email Self Provisioning, SAML Logins, Username & Password.

User

A platform-level identity. One email per platform. Can be bound to one or several Organizations with different role sets in each. See Users and roles.

Webhook

An HTTP callback delivered when an event occurs. Subscribable at Organization and Context scopes. See Webhooks.