立即与支持人员聊天
与支持团队交流

Identity Manager 9.0 LTS - Authorization and Authentication Guide

About this guide One Identity Manager application roles Granting One Identity Manager schema permissions through permissions groups Managing permissions to program functions One Identity Manager authentication modules OAuth 2.0/OpenID Connect authentication Multi-factor authentication in One Identity Manager Granular permissions for the SQL Server and database Installing One Identity Redistributable STS Preventing blind SQL injection Program functions for starting the One Identity Manager tools Minimum access levels of One Identity Manager tools

Configuring authentication with OAuth 2.0/OpenID Connect in the Web Portal

To configure authentication with OAuth 2.0/OpenID Connect

  1. Start the Web Designer.

  2. Click the View > Home page menu item.

  3. On the home page, click Select web application and select the web application.

  4. Click Edit web application settings.

  5. In the Edit web application settings dialog, edit the web application settings.

    • Authentication module: Select OAuth 2.0/OpenID Connect (role-based).

    • OAuth 2.0/OpenID Connect configuration: Select the newly created identity provider.

    • Client ID for OAuth 2.0 authentication: Select the client ID that you specified when you configured RSTS.

    • Fingerprint of the OAuth 2.0 certificate: Specify the fingerprint of the signing certificate you selected when configuring the RSTS.

  6. Save the changes.
Related topics

Configuring authentication with OAuth 2.0/OpenID Connect

To configure authentication with OAuth 2.0/OpenID Connect

  1. In the Designer, select the Base data > Security settings > OAuth 2.0/OpenID Connect configuration category.

  2. In the list editor, select the newly created identity provider.

  3. Select the General tab and check the general configuration data of the identity provider.

    • Column to search: Select ADSAccount - ObjectGUID.

  4. Select the Applications tab and check the configuration of the OAuth 2.0/OpenID Connect application.

    • Default: enabled

    • Redirect URI: If you want to use multifactor authentication with the administration tools of the One Identity Manager, enter urn:InstalledApplication.

  5. Select the Database > Save to database and click Save.

Related topics

Granular permissions for the SQL Server and database

To implement a One Identity Manager database or a One Identity Manager History Database on a SQL Server or a managed instance in Azure SQL Database, you are provided with SQL Server logins and database users for administrative users, configuration users and end users. Permissions at server and database level are matched to suit the user's tasks.

Normally, you cannot edit users and permissions. It may be necessary to set up an additional database user to use a One Identity Manager History Database.

For more information about users and their permissions, see the One Identity Manager Installation Guide. and the One Identity Manager Data Archiving Administration Guide.

Related topics

Displaying database server logins

To display login information

  1. In the Designer, select the Base data > Security settings > Database server permissions > Database server login category.

  2. Select the database server login. The following information is displayed:

    • Login name: The user's SQL Server login.

    • Database server login: Type of database user.

    • Access level: The access level for logging in. The access levels displayed are End user, Configuration user, Administrative user, System administrator, and Unknown.

  3. To show the database roles and server roles that are assigned, select the Database or server role tab.

相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级