Chat now with support
Chat mit Support

Identity Manager 9.2 - Web Designer Web Application Configuration Guide

About this guide Configuring the Web Portal Configuring self-registration of new users Configuring the Password Reset Portal WebAuthn security keys Configuring the Application Governance Module Recommendations for secure operation of web applications

Setting up a Password Reset Portal

To utilize the Password Reset Portal, it must be installed as a dedicated web application. The necessary security is guaranteed by multi-factor authentication.

Detailed information about this topic

Installing the Password Reset Portal

Table 10: Configuration parameters for application tokens

Configuration parameter

Description

QER | Person | PasswordResetAuthenticator | ApplicationToken

Sets a application token for the Password Reset Portal.

During installation, you will be prompted to enter an application token. This application token functions like a password, which the web application uses to authenticate itself on the database. This ensures that the password can only be reset by the web application assigned for the purpose.

To install the Password Reset Portal

  1. Follow the step-by-step "To install the Web Portal" from "Installing the Web Portal" in the One Identity Manager Installation Guide.
  2. Select QER_PasswordWeb from Web Project.

    After selecting the web project, you are prompted to enter an application token.

  3. Select a sufficiently secure token and enter it in the box provided.

    The application token is saved as a hash value in the database in the QER | Person | PasswordResetAuthenticator | ApplicationToken parameter and stored encrypted in the web.config file.

Password Reset Portal authentication

Authentication on the Password Reset Portal differs from authentication on the Web Portal. Users can log in to Password Reset Portal using the following options:

Table 11: Authentication options

Login Type

Authentication Module Used

Application (QBMProduct)

Login with passcode.

Password reset (role-based), read-only.

Password reset, read-only.

Login using a secret password question.

Password reset (role-based), read-only.

Password reset, read-only.

Login with user name and password.

Specified in the web application configuration.

Specified in the web application configuration.

Detailed information about this topic

Configuring Password Reset Portal login with password questions

If Web Portal users forget their password, they can login in to the Password Reset Portal with the help of the password questions and set a new password.

To configure the use of password questions.

  1. Start the Designer program.

  2. Connect to the relevant database.

  3. Configure the following configuration parameters:

    TIP: To find out how to edit configuration parameters in Designer, see the One Identity Manager Configuration Guide.

    • QER | Person | PasswordResetAuthenticator | QueryAnswerDefinitions: Specify how many password questions and answers users must enter. Users who do not enter enough or any questions and answers, cannot log in to the Password Reset Portal using their password questions.

      NOTE: The value must not be less than the value in the QueryAnswerRequests configuration parameter.

    • QER | Person | PasswordResetAuthenticator | QueryAnswerRequests: Specify how many password questions users have to answer before they can log in to the Password Reset Portal.

      NOTE: The value must not be higher than the value in the QueryAnswerDefinitions configuration parameter.

    • QER | Person | PasswordResetAuthenticator | InvalidateUsedQuery: Specify how many new password questions and answers users must enter after they have successfully logged in to the Password Reset Portal. If this option is enabled, correctly answered password questions are deleted after logging in to Password Reset Portal.

Verwandte Dokumente

The document was helpful.

Bewertung auswählen

I easily found the information I needed.

Bewertung auswählen