Breadcrumbs

Security, Access and Trust

Use this article to understand how Yarken manages authentication, permissions, entity access, and secure data visibility.

Govern access with confidence

Security, Access, and Trust in Yarken helps organizations control how users sign in, what they can access, and how financial data is protected across the platform.

Yarken supports enterprise access patterns such as identity provider sign in, role-based access, entity-based visibility, and permission-aware responses in Ask Yarken. This helps teams manage sensitive technology finance data with the right level of control.

What you can do

  1. Support sign in through configured identity providers such as Microsoft Entra ID, OpenID, and Okta.

  2. Use organization-configured MFA through the identity provider where enabled.

  3. Manage users, roles, and permissions inside Yarken.

  4. Control entity visibility for non-admin users.

  5. Restrict access to spend, cloud, planning, reporting, and analytics data by assigned entity.

  6. Ensure Ask Yarken responses respect user permissions and entity access.

  7. Use user management controls to grant, update, or remove access.

  8. Support secure pipeline access through service principal configuration where applicable.

Enterprise sign in

Yarken can support enterprise authentication through configured identity providers such as Microsoft Entra ID, OpenID, and Okta.

At sign in, users can authenticate through the organization's configured provider. Where MFA is configured by the organization, users complete MFA through that provider.

Yarken can also match users by username or email and update stored user details when they differ from the identity provider. This helps keep authentication resilient while keeping access control managed inside Yarken.

Roles and permissions

Yarken uses roles and permissions to control platform access.

Administrators can assign users to the areas they need, such as dashboards, reports, Analytics, Planning, Business Cases, Chargeback, Admin, or other functional areas.

Users can also be created without immediate functional access, allowing administrators to set up accounts first and assign permissions later.

Entity access

Entity access controls which organizational entities a user can view and work with.

Admins can access all entities. Non-admin users must be assigned to one or more entities before they can access entity-scoped data.

Entity access applies across spend, cloud, planning, reporting, dashboards, analytics, Cost Explorer, and Ask Yarken. This helps organizations protect financial visibility across regions, business units, legal entities, or other reporting structures.

Permission-aware Ask Yarken

Ask Yarken respects the user's permissions and entity access.

Responses are limited to the data the user is authorized to see. This is important because Ask Yarken can answer broad financial and operational questions across the platform.

Permission-aware responses help keep AI-driven analysis aligned with the same access model used across reporting and analytics.

Secure data connections

Yarken supports controlled access patterns for connected data sources and pipelines.

For example, Power BI API access can be configured through Microsoft Entra service principals and security groups where applicable.

This helps teams manage integration access using enterprise controls instead of relying on individual user credentials.

What makes it different

Security in Yarken is connected to the way technology finance actually works.

Access is not only about logging in. It determines which entities, accounts, cost centers, reports, planning data, cloud data, and AI responses a user can see.

This gives organizations a stronger operating model for sensitive financial data. Users can work with the information they need while access remains governed by role, entity, and permission.

When to use Security, Access, and Trust

Use this area when setting up authentication, managing users, assigning roles, configuring entity access, or reviewing how permissions affect reporting and Ask Yarken.

Use it when onboarding new users, changing organizational structures, adding entities, enabling enterprise sign in, or reviewing access controls.

For detailed step by step instructions on identity provider setup, user management, role assignment, entity access, and secure pipeline configuration, refer to the relevant user guides.

Next step

Admin, Users, and Settings

Related articles

Multi-Entity and Multi-Currency

Connected Data Sources (Integrations)

Admin, Users, and Settings

Navigation, Filters, and Search