立即与支持人员聊天
与支持团队交流

Identity Manager 9.2 - Web Application Configuration Guide

About this guide Managing the API Server Configuring API projects and web applications Recommendations for secure operation of web applications

Configuring Password Reset Portal authentication

Authentication on the Password Reset Portal differs from authentication on the Web Portal. Users can log in to Password Reset Portal using the following options:

Detailed information about this topic

Configuring Password Reset Portal login with a passcode

NOTE: This step is only required if you are using the ImxClient command line tool to host an API Server locally. For more information about the ImxClient command line tool, see the One Identity Manager API Development Guide.

Users can use the passcode they received from their manager to log in to the Password Reset Portal.

To configure login with a passcode

  1. In the API Server's installation directory, open the imxclient.exe.config file.

    NOTE: If the file is encrypted, decrypt it first.

  2. Add the following entry:

    <add name="QER\Person\PasswordResetAuthenticator\ApplicationToken" connectionString="<API Server application token>"/>
  3. Save your changes to the file.

    NOTE: If the file was encrypted beforehand, encrypt it again.

Configuring Password Reset Portal login with password questions

If Web Portal users forget their password, they can login in to the Password Reset Portal with the help of the password questions and set a new password.

To configure the use of password questions.

  1. Start the Designer program.

  2. Connect to the relevant database.

  3. Configure the following configuration parameters:

    TIP: To find out how to edit configuration parameters in Designer, see the One Identity Manager Configuration Guide.

    • QER | Person | PasswordResetAuthenticator | QueryAnswerDefinitions: Specify how many password questions and answers users must enter. Users who do not enter enough or any questions and answers, cannot log in to the Password Reset Portal using their password questions.

      NOTE: The value must not be less than the value in the QueryAnswerRequests configuration parameter.

    • QER | Person | PasswordResetAuthenticator | QueryAnswerRequests: Specify how many password questions users have to answer before they can log in to the Password Reset Portal.

      NOTE: The value must not be higher than the value in the QueryAnswerDefinitions configuration parameter.

    • QER | Person | PasswordResetAuthenticator | InvalidateUsedQuery: Specify how many new password questions and answers users must enter after they have successfully logged in to the Password Reset Portal. If this option is enabled, correctly answered password questions are deleted after logging in to Password Reset Portal.

Recommendations for secure operation of web applications

Here are some solutions that have been tried and tested in conjunction with One Identity Manager tools to guarantee secure operation of One Identity web applications. You decide which security measures are appropriate for your individually customized web applications.

Detailed information about this topic
相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级