Chat now with support
Chat with Support

Identity Manager 9.1.1 - Web Designer Web Application Configuration Guide

About this guide Configuring the Web Portal WebAuthn security keys Configuring the Application Governance Module Configuring the Password Reset Portal Recommendations for secure operation of web applications

Configuring the Password Reset Portal

The Password Reset Portal allows users to reset passwords of the user accounts they manage securely.

Setting up a Password Reset Portal

To utilize the Password Reset Portal, it must be installed as a dedicated web application. The necessary security is guaranteed by multi-factor authentication.

Installing the Password Reset Portal

Table 10: Configuration parameters for application tokens

Configuration parameter

Description

QER | Person | PasswordResetAuthenticator | ApplicationToken

Sets a application token for the Password Reset Portal.

During installation, you will be prompted to enter an application token. This application token functions like a password, which the web application uses to authenticate itself on the database. This ensures that the password can only be reset by the web application assigned for the purpose.

To install the Password Reset Portal

  1. Follow the step-by-step "To install the Web Portal" from "Installing the Web Portal" in the One Identity Manager Installation Guide.
  2. Select QER_PasswordWeb from Web Project.

    After selecting the web project, you are prompted to enter an application token.

  3. Select a sufficiently secure token and enter it in the box provided.

    The application token is saved as a hash value in the database in "QER | Person | PasswordResetAuthenticator | ApplicationToken" and stored encrypted in the file web.config.

Password Reset Portal authentication

Authentication on the Password Reset Portal differs from authentication on the Web Portal. Users can log in to Password Reset Portal using the following options:

Table 11: Authentication options

Login Type

Authentication Module Used

Application (QBMProduct)

Login with passcode.

Password reset (role-based), read-only.

Password reset, read-only.

Login using a secret password question.

Password reset (role-based), read-only.

Password reset, read-only.

Login with user name and password.

Specified in the web application configuration.

Specified in the web application configuration.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating