We are continuing to work to give you added control over your team's security. Many of the features on the Team Security page were user requests that we have implemented.
First head to My account
and then navigate to the Team security
page under the ACCESS CONTROL
header on the left-hand side of the page.
Hard expiry on session
You can enable this feature that will force all team members to re-authenticate with Gearset every 18 hours.
This is in addition, to any Gearset session expiring after 3 hours of inactivity, whether this option is enabled or not.
Permissions
Creating a comparison with local files as the source
By disabling this permission you will prevent team members from being able to use local files for metadata comparisons.
Download deployment packages
If you disable this permission, it will remove the Download package option from the deployment history page.
Using Personal Access Tokens to interact with the Gearset API
If you disable this permission, you will stop team members from being able to configure Personal Access Tokens or use existing tokens for use with the Gearset API.
Connected Services
Here you can restrict which endpoints your team members can connect to.
Restrict access using patterns including ? and * wildcards, separated by newlines or commas. You can leave it empty to allow connections to any endpoint. Note that this will affect your already established org connections as well.
Source control providers
Choose the source control provider you'd like to add restrictions to from the dropdown.
Restrict access to repositories using patterns including ? and * wildcards, separated by newlines, commas, or spaces.
Note that you need to take the info from the ‘clone’ section on their repo. For example, you need to enter https://gitprovider.com/orgname/reponame.git
instead of just https://gitprovider.com/username/reponame
.