Documentation Index
Fetch the complete documentation index at: https://wiki.netgraph-connect.com/llms.txt
Use this file to discover all available pages before exploring further.
Alphabetical reference for the terminology in this documentation.
Access Policy
A per-Context ruleset that controls which Sign In Modules are
offered to which audiences, along with session length, device
limits, and per-module overrides. See
Sign In Access Policies.
Admin Dashboard
The browser-based admin application you sign in to after picking
an Organization. The surfaces visible to you in the Admin Dashboard
are determined by your role bindings in that Organization. See
Platform overview.
Administrator
A User with one or more role bindings in an Organization. See
Administrators.
Audit Log
A time-ordered record of administrative actions. Exists at
Organization scope and at Context scope. See
Audit Log.
Captive Portal
A web-based authentication page a guest reaches when connecting to
a Sign-In-controlled guest network. See
Sign In overview.
Context
A Service instance inside an Organization. Each Service (Sign In,
EntryPoint, EasyPSK for Cisco Networks, Endpoint Manager for Cisco
ISE) is consumed as a Context. An Organization can run many
Contexts of the same type. Also referred to as a Service Context.
Context-scope
An activity or role binding that applies to one specific Service
Context, not to the Organization as a whole. See
Users and roles.
DHCP Scope
A range of IP addresses that a Service Gateway hands out to guest
devices, plus the lease options sent with each allocation — default
gateway, DNS servers, lease time, and DHCP Option 114. Configured
per Sign-In Context; typically one scope per VLAN, subnet, or site.
See DHCP.
EasyPSK for Cisco Networks
One of the four Services. One private Wi-Fi bubble per apartment,
room, or unit on a shared Cisco Meraki SSID. The in-product label
is Meraki WPN. See
EasyPSK for Cisco Networks overview.
Endpoint Manager for Cisco ISE
One of the four Services. Delegated, per-group administration of
MAC-authorised endpoints in your own Cisco ISE. The in-product
label is ISE Device Management. See
Endpoint Manager overview.
EntryPoint
One of the four Services. RADIUS-as-a-Service for 802.1X, MAB, and
Identity PSK. See EntryPoint overview.
iPSK
Identity PSK. A wireless authentication method where each user or
device has its own pre-shared key on a shared SSID.
Organization
The customer-level container on Netgraph Connectivity Platform.
Holds administrators, configuration, and every Service Context. See
Organization overview.
Organization-scope
An activity or role binding that applies to the Organization as a
whole — every Service Context and every Organization-level surface.
See Users and roles.
RADIUS
A network-authentication protocol. EntryPoint is a cloud-hosted
RADIUS server; Sign In’s RADIUS Module uses RADIUS to call an
external server for credential validation.
Role
A named set of permissions, bound to a User at either Organization
scope or Context scope. See
Users and roles.
SAML
Security Assertion Markup Language. Used to federate sign-in with
an external identity provider such as Microsoft Entra ID, Google
Workspace, or Okta. See
Admin Portal authentication.
Self-Service portal
The end-user portal where people with a per-resource role in a
Service Context — residents managing a Wireless Personal Network,
conference hosts, ISE-group delegated administrators — sign in for
that one resource. Distinct from the Admin Dashboard; different
URL, different audience.
Service
Netgraph Connectivity Platform has four Services: Sign In,
EntryPoint, EasyPSK for Cisco Networks, and Endpoint Manager for
Cisco ISE. Each Service is consumed as a Context inside an
Organization.
Sign In
One of the four Services. Cloud-hosted guest network with a
Captive Portal and a range of sign-in methods. See
Sign In overview.
Sign In Module
An authentication method available inside a Sign-In Context.
Examples: Meeting Hosts, Email Self Provisioning, SAML Logins,
Username & Password.
SSO
Single Sign-On. A pattern where authenticating once with an
external identity provider grants access to multiple applications
without re-entering credentials. On the platform, SSO is delivered
through SAML. See
Admin Portal authentication.
User
A platform-level identity. One email per platform. Can be bound to
one or several Organizations with different role sets in each. See
Users and roles.
Webhook
An HTTP callback delivered when an event occurs. Subscribable at
Organization and Context scopes. See
Webhooks.
