IDP Global Settings

IDP Global Settings

0 views November 13, 2018 November 28, 2018 0

Overview

This section list all different IDP/ Product Global Settings available to a customer for customizations.

Following is the list of sections you can view or enable for your account –

  1. Server Settings
  2. Account Details
  3. Add User Preferences
  4. User Login Preferences
  5. User Self-Registration Workflow
  6. User Re-Verification Settings
  7. User Dashboard Preferences
  8. IdP Initiated Single Logout
  9. Device Profiles Expiry Time
  10. Enable Logging

Login to miniorange admin console -> Navigate to Settings icon on the top right corner of the header and click on Settings icon to view and enable any global settings.

 Server Settings / Account Details

You can change the domain URL where the On-Premise version of IdP is hosted as shown in below screenshot.

When you create an account with us these 3 keys get generated for your account required for any API Calls for user operations/ 2FA integration using APIs, etc. –

  1. Customer Key
  2. Customer API Key
  3. Customer Token Key

Add User Preferences / User Login Preferences

Following options are available in Add User Preferences Section to add user from admin or for self-user registration workflows:

  1. Enable sending activation email with password reset link after user registration.
  2. Enable Inline Registration for users.
  3. Enable User Auto-Registration. (A CSV list with passwords for all the uploaded users will be made available to you.)

Following options are available in User Login Preferences Section –

  1. Force Users to change the password on first login
  2. Enable login with phone number
  3. Enable shared user login for users
  4. Set Maximum Login Attempts allowed
  5. Disable User login Time Period

User Self-Registration Workflow

You can also customize user sign-up workflow. Following options can be enabled for self user-registration/ signup. Please see the screenshot below –

  1. Redirect user to SSO app after registration – By default, after user signup, a user will see a default page showing thanks for registration message with a link to redirect to login page. Once you enable this option, if a user has first initiated sso request from his application and then clicked the create account link since he has no account. After successful registration, he will be redirected to his app and logged in as the user created.
  2. Verify User via OTP on phone after registration – You can enable this option to add a verification option before registration completion to verify user via valid phone number.
  3.  Provision User to Third -Party App before registration – There are few cases where customer has any CRM/AD or any user data store where all users are created first or need to be maintained always. So, in that case. You can enable this option to first create the user in your existing data store and then create in IDP using the unique identifier/username generated using the CRM.

User Re-Verification Settings

Enabling this option will force users to re-verify themselves periodically. Manage when users get notified about the re-verification and the time period when users will be able to re-verify themselves after which their account would be disabled.

You can also configure the following things –

  1. Re-verify users every (months)  – You can specify the number of months after which re-verification should be invoked.
  2. Notify Users of re-verification before (days) – You can specify the number of days before which users should be notified about re-verification.
  3. Re-verification Period (days) – You can specify the number of days after which re-verification should be invoked.

 

User Dashboard Settings

Enable Logging

You can set the logging level of the product as shown in the screenshot below. Default logging level is ALL. You can choose from the following options and change the logging level to any of them-

  1. ALL
  2. TRACE
  3. DEBUG
  4.  INFO
  5. WARN
  6. ERROR
  7. FATAL
  8. OFF

It is recommended to change it to Error for production environments for best performance. Once you save the logging level there is no need to restart the server for changes to take effect but you should not perform this operation very frequently.

Note: Any changes you make here are not persisted across server restarts. You will need to edit ‘WEB-INF/classes/log4j.properties’ to change levels permanently.