This feature ensures that users cannot log in to the Mavis platform outside of designated working hours (as defined by the administrator’s login policy).
When a user attempts to log in outside of permitted hours, they must submit a Login Authorization Request Form, and only after the approver grants access can the user log in to the Mavis platform.
1. Enabling the Just-In-Time Access Feature
Once the Just-In-Time (JIT) access feature is enabled, users with Administrator, Project Manager, or Approver roles will see approval-related functions available on the MAVIS frontend.
Administrators can view and review approval requests for all projects, but cannot review their own requests.
Project Managers, Approvers, or users assigned to the Approval Form role can view and review requests for assigned projects only, and cannot review their own requests.
2. Configuring the System Time Zone
Administrators can adjust the local server’s time zone settings to ensure accurate scheduling, alert triggers, and policy enforcement.
(Example: Set allowed login hours to 9:00 AM – 6:00 PM, UTC+8)
Steps:
Click System Management
Click Basic Settings
Click the Edit icon
Select Use Local Time Zone for Mavis
Click OK
| 1. 點擊 系統管理 2. 點擊 基本設定 3. 點擊 編輯圖示 4. 選擇 Mavis 使用本地時區 5. 點擊 ok |
3. Defining User Login Policy for Mavis
Steps:
Click System Policy
Click Create Policy
| 1. 點擊 系統政策 2. 點擊 創建政策 |
Policy Name: Enter a custom name
Policy Checkpoint: Select Login
Action: Select Allow
Alert: Click Enable
Alert Condition: Choose Notify When Out of Range
Click Next
| 3. 政策名稱:輸入自定義名稱 4. 政策檢核點:選擇「登入」 5. 動作: 選擇「允許」 6. 警示: 點擊 「啟用按鈕」 7. 警示通知條件: 選擇「超出範圍時通知」 8. 點擊 「下一步」 |
Example configuration:
Users are only allowed to log in during work hours and from office network IP ranges.
Weekly Schedule: Select working days (e.g., Monday to Friday)
Time Range: Enter working hours (e.g., 08:00–18:00)
IP Address: Enter office network segment (e.g., 172.16.100)
Alert: Click Enable
| 此範例設定為上班時間且 IP 來源為辦公室網段才能登入 Mavis 9. 每周:選擇 工作時間段 (此範例選擇星期一到星期五) 10. 時間:輸入 工作時間 (此範例早上八點到下午六點) 11. IP 位址:輸入公司網段 (此範例辦公室網段 172.16.100 ) 12. 警示:點擊 「啟用按鈕」 |
Click Finish
| 13. 點擊 「完成」 |
4. User Login Request When Access Is Blocked
If a user attempts to log in outside of permitted hours, the system will display a “Login Blocked” prompt.
Steps:
Click Request Login Authorization
| 1. 點擊 申請連線登入權限 |
Login Duration: Specify the desired login period for Mavis
IP Address: Enter your IP address (e.g., office network IP)
Assigned Approver: Select the approver for this login request
Reason: Enter the purpose for login
Click Submit
| 2. 登錄期限:申請要登入使用 Mavis 時間 3. IP 位址:輸入自己的 IP (此範例為辦公室網段IP) 4. 指派的審核者:指定審核者來審核此登入申請單 5. 原因:輸入申請原因 6. 點擊 提交 |
| 7. 點擊 OK (已成功送出申請單) |
5. Reviewing Login Authorization Requests (For Approvers)
Important Notes:
Approvers cannot review their own requests.
Requests must be reviewed within 8 hours after submission; otherwise, they will expire automatically.
Review Steps:
Click Approval Form
Click the Request ID to view login request details
| 1. 點擊 審核表單 2. 點擊 申請單號 檢視登入請求資訊 |
Review the request information
Click Back
| 3. 檢視 申請資訊 4. 點擊 回上一頁 |
Select the request form
Review: Choose Approve or Reject (example: Approve)
| 5. 勾選 該申請表單 6. 審核 :核准或駁回 (此範例點選核准) |
Once approved, the user will immediately gain login access to the Mavis platform.
6. Viewing Request History
| 6. 點擊 歷程 檢視歷史表單 |
Click History to review past forms
| 7. 檢視歷史表單審核狀態 |
| Status | Description |
|---|---|
| Pending | The request has been submitted but not yet reviewed or recalled. Once submitted, it cannot be edited by the requester. |
| Expired | The approver did not act within the review window; the request expired automatically. |
| Approved | The request has been reviewed and approved. |
| Rejected | The request has been reviewed and rejected. |
| Revoked | A previously approved request has been revoked by the approver. Superusers, Project Managers, and Approvers can revoke approved requests, but cannot revoke their own. |
Approved login requests may be revoked at any time.
Once revoked, the user will be immediately logged out of the Mavis platform.
| 8. 已審核並核准的表單可被撤銷,撤銷後使用者將立即被登出。 |