立即与支持人员聊天
与支持团队交流

Identity Manager 8.2.1 - Web Designer Web Application Configuration Guide

About this guide Configuring the Web Portal WebAuthn security keys Multi-factor authentication Configuring the Application Governance Module Configuring the Password Reset Portal Recommendations for secure operation of web applications

Logging in without multi-factor authentication

You can specify that all users can log in to the web application without multi-factor authentication.

Required configuration key:

  • VI_Common_AccessControl_Starling_AllowUnregistered: Specifies whether users that are not registered for multi-factor authentication are allowed to access the web application.

To allow login without multi-factor authentication for all users

  1. Open the Web Designer.
  2. Open a module and search for VI_Common_AccessControl_Starling_AllowUnregistered in the definition tree view.
  3. Mark the configuration parameter VI_Common_AccessControl_Starling_AllowUnregistered in the definition tree view.
  4. Set the value in the node editor view to true.

Activating Starling Two-Factor Authentication for the Operations Support Web Portal

On the API Server, you can enable Starling 2FA for the Operations Support Web Portal.

To enable Starling Two-Factor Authentication for the Operations Support Web Portal

  1. Start the API Designer program.

  2. In the menu bar, click View > Navigation.

  3. In the navigation, click API projects.

  4. In the tree view, double-click on the QBM_OperationsSupport project.

  5. In the definition tree view, right-click (Authentication) node.

  6. In the context menu, click Object in extension > Add to extension <extension name> > Authentication module.

  7. In the menu bar, click View > Node editor.

  8. In the definition tree view, click the newly created Second authentication factor.

  9. In the Node editor pane, tick the Second authentication factor box.

  10. In the menu, click Starling 2FA.

Configuring the Application Governance Module

The Application Governance Module allows you to quickly and simply run the onboarding process for new applications from one place using one tool. An application created with the Application Governance Module combines all the permissions application users require for their regular work. You can assign entitlements and roles to your application and plan when they become available as service items (for example, in the Web Portal).

Related topics

Configuring entitlements

To enable employees to view, create, and manage applications as well as approve requests for application products in the Web Portal, you must assign specific application roles to employees.

NOTE: Managing an application involves the following:

  • Editing the application's main data and the assigned entitlements and roles

  • Assigning entitlements and roles to the application

  • Unassigning entitlements and roles from the application

  • Deploying the application and associated entitlements and roles

  • Undeploying the application and its associated permissions and roles

To assign an application role for application governance to employees

  1. Start the Manager program.

  2. Connect to the relevant database.

  3. Select the One Identity Manager Administration category.

  4. In the upper navigation pane, click the application role you want to assign to employees:

    • Application Governance | Administrators: Members of this application role create new applications and manage all applications in the Web Portal.

    • Application Governance | Owners: If this application role is assigned to an application as an owner application role, the members manage the application in the Web Portal.

    • Application Governance | Approvers: If this application role is assigned to an application as an approver application role, the members can approve requests for products of this application (if the BE - Approver of an application approval procedure is used).

  5. In the Tasks pane, select the Assign employees task.

  6. In the Add Assignments area, double-click the employees to whom you want to assign the application role.

  7. Click (Save).

相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级