BEWARE! If you are using Active Directory integration then any applications are exposed if you also have “Available to everyone in your organisation” set. This means that anyone in your organisation then has access to those applications.
If this is a published application and you have provided the URL to anyone, then they will also be able to truncate the URL, exposing Orchestrator and any of the tools.
You need to ensure that your Data Services and entities have access defined appropriately using Groups, and Roles to define access permissions to specific Entities.
ALSO, ensure that you have hidden the Navigation bar/widgets and Downloads in Admin->Organisation->Settings->Advanced.
1 Like