Cloud Management Administrator

This article covers organization admin functionalities, which are available to certain users with contracts covering unlimited database creation. 


Table of Contents


Cloud Management Admin Permissions

Everlaw’s cloud connectors allow users to directly collect and upload data from a range of sources and applications. For a subset of these connectors, Everlaw allows users to store and manage credentials for these applications directly within Everlaw. This is useful if you want to enable users in your organization to perform continuous collections, or collect over time. 

Users who have Cloud Management Administrator (“CMA”) permissions have the ability to:

  1. Access the Cloud Management section of the Organization Admin page and connect cloud sources and applications to Everlaw
  2. View and manage sources and applications they’ve connected to Everlaw, and 
  3. Grant other users in their organization permission to upload data from these sources and applications.

For information on adding CMAs to your organization, read the "Creating Cloud Management Admins" section of our Organization Admin article

Connecting Cloud Sources and Applications to your Everlaw Organization


Cloud Management Admins that are also Global Admins on Microsoft 365 can connect their Microsoft organizations to Everlaw. Connecting a Microsoft organization to Everlaw allows cloud management administrators with Global Admin permissions on their Microsoft organization the ability to create a list of delegated users that are able to perform cloud uploads from Microsoft 365 (also known as Office 365, O365, or M365), regardless of their permissions on the Microsoft organization.

To connect your Microsoft organization with your Everlaw organization, navigate to the Cloud Management tab of the Organization page. 



Any account that has Cloud Management permissions (but not Org Admin permissions), and is not added to any projects will be automatically taken to this page directly after logging in. If you are not on the Organization page, it can be found by clicking the Organization icon in the top right of the screen. 


Once on the Cloud Management tab of the Organization page, adding a Microsoft organization can be done by clicking the green “+ Add Microsoft organization” button in the top right of the screen. This button will open a Microsoft login screen where you can log in with your Global Admin credentials. Everlaw requires a Microsoft Global Admin to give consent on behalf of the Microsoft organization for Everlaw to access your data.  

Added organizations will appear in the table, as well as any users that can access that organization’s data. You will automatically be added to any organizations you connect to Everlaw. Cloud Management Admins can rename any cloud organizations they have added by clicking the pencil icon in the Actions column. Renamed organizations will have their original name displayed in parentheses below their new name.



You can connect multiple Microsoft organizations, and they will each appear as their own entry in this list. Organization Admins can see all connected cloud organizations that have been added to their Everlaw organization, while Cloud Management Admins will only be able to see connected cloud organizations that they added, or to which they have been added. 

Once this connection has been established, Everlaw will be connected as an application to the M365 organization. This connection is independent of the user that established it. To revoke access, Everlaw must be removed as an approved application. 

Please see our article about uploading Microsoft 365 data to learn more.


Cloud Management Admins who have access to an Asana Workspace service token can securely store and delegate this token for use in Everlaw. Service tokens are only available for Asana customers on the enterprise tier. They allow users to generate exports of Asana data for upload. 


To add a new service token, click the “Add Asana organization” button on the Asana Cloud Admin page and enter the workspace ID and service token associated with your Asana account. 



If both values are valid, the Asana workspace will be added to the table and the token will be stored securely in Everlaw for use. 


The stored token for a given organization can be deleted by clicking the trashcan icon in the corresponding row. Service tokens can also be revoked from your Asana admin console, which will render them invalid for authentication purposes even if they remain stored in Everlaw.  

To rename an associated Asana Workspace, click the pencil icon in the corresponding row and input a new name. This new name will be the Workspace’s display name across Everlaw, but Everlaw will retain the canonical name and display it below the new name. 


To learn more about uploading Asana data, see this article


Delegating Upload Permissions

Cloud Admins must have valid credentials for a source or application to connect it with Everlaw. But, once connected, Cloud Admins have the further ability to delegate these credentials for use by other users within an organization. These delegated users will not be able to see or manage these stored credentials, but they can use them to authenticate exports that are then uploaded into Everlaw. 


To delegate permissions for a connected source, click the green plus icon in the Actions column of the corresponding row. You may be asked to authenticate again with valid credentials before proceeding. In the dialog box that appears, you can select users in your organization. Once you confirm each user’s email, click Grant access and the users will be added as authorized uploaders of the organization’s data. 


⚠️ Take caution: Authorizing a user to upload data from a source or application will allow them to upload all of your organization's data, even if they would otherwise not have permissions to see or access this data. Any users you delegate permissions to will have the ability to upload, and therefore access, all of your organization’s data from a particular source or application. You should only delegate to trusted users.



Users that have been delegated permission to upload data from a source or application will be listed. The Cloud Admin that granted them permission will also be listed, as well as the date and time they were granted access.


Revoking a delegation can be done at any time by clicking the “x” next to the user’s name. Revoking permissions can be done by any user with Cloud Admin permissions, regardless of whether they originally added the source or application, or authorized the delegation.

By default, cloud management administrators will receive notifications when delegated users start uploads using the Office 365 connector. This provides cloud management administrators visibility into the uploads being performed on Everlaw. 

0365 sreenshot.png



Have more questions? Submit a request


Please sign in to leave a comment.