Custom activities are activities whose behavior is defined by a PowerShell script. You can create a custom activity from scratch or convert a built-in activity to a custom one. For more information, see Custom Activities and refer to the Password Manager SDK.
The built-in web service allows a third-party system to access a whole workflow or a specific activity using HTTP and data exchange in XML and JSON formats. You can use the built-in web service to run a workflow and to interfere in a workflow running process. For more information, see the Password Manager SDK. For experimenting with the built-in web service, a Swagger UI is provided. For more information on how to use Swagger UI, see https://swagger.io/tools/swagger-ui/.
NOTE: The extensibility features are only supported by One Identity Professional Services, and are not covered by One Identity Technical Support.
Custom web services allow you to further extend the Password Manager functionality and enable scenarios that cannot be implemented with custom activities and the built-in web service. For example, you can create a custom web service that assigns passcodes to users employing the assign passcode functionality in Password Manager. For more information, see the Password Manager SDK.
Import/export of activities and workflows allows you to copy and share custom activities and workflows. For more information, see Importing and exporting workflows and Importing and exporting custom activities.
The troubleshooting mode provides you additional information about workflows and activities and their execution. When this mode is enabled, on the Administration Site you can view identifiers of workflow and activities; you can use these identifiers in PowerShell scripts. On the Self-Service Site, you can view the PowerShell output that allows you to troubleshoot the scripts.
RADIUS Two-Factor Authentication enables two-factor authentication on Password Manager. RADIUS Two-Factor Authentication uses one-time passwords to authenticate users on the Self-Service Site and Helpdesk Site.
To configure RADIUS Two-Factor Authentication in Password Manager, you have to configure the RADIUS server details in Password Manager.
To configure RADIUS Two-Factor Authentication:
-
On the home page of the Administration Site, click General Settings > RADIUS Two-Factor.
The RADIUS Two-Factor Authentication page is displayed.
-
To add a new RADIUS server for authentication, click Add RADIUS server.
RADIUS Two-Factor Authentication page is displayed.
NOTE: You can add only two servers, one is used as a primary server and the other as a secondary server. The server that is created first is considered as the primary server and used for RADIUS authentication.
-
In the RADIUS Server (IP address or hostname) field, enter the RADIUS server IP address.
-
In the Port number field, enter the port number assigned during configuration of RADIUS.
-
In the RADIUS Shared Secret field, enter the password set during RADIUS configuration.
-
Specify the ADLDS attribute to authenticate the user from the drop-down menu.
-
From the Additional RADIUS Attribute section, select the required RADIUS attribute from the drop-down menu. Specify the value for the selected attribute and click +.
The RADIUS attributes and the corresponding values that you add is displayed.
NOTE: The following RADIUS attributes are supported: NAS-IP-Address, NAS-Port, NAS-Port-Type, and NAS-Identifier.
-
Click Save.
Administrators can define URLs and labels to form a link on Administration Site, Helpdesk Site and Self-Service Site, to allow users to give feedback on Password Manager.
To enable feedback on a site
-
Navigate to General Settings > Internal Feedback.
-
Enable feedback, and provide a non-empty label and a non-empty URL.
NOTE: If the provided label or URL is empty, the feedback link will not appear on the configured site.
In case of Administration Site feedbacks, the Feedback button will be displayed after a new session is opened, for example, by logging out and then logging in.
The following sections describe Password Manager components and third-party applications.