Skip to content

Authentication

After a fresh installation, there are few configurations that should be done before the application can be used properly.

User Creation Setting

There are two user creation settings under the System Parameters.

This setting will need to be changed to an appropriate option before starting on. To change this setting go to Solution Manager > Users and permissions > Users > User and press View User Creation Settings. This will navigate to the User creation setting in System Parameters page and there it can be updated.

Please refer Users for more information.

Password for New Users: This setting is used to determine how the passwords are set to users

  • Email
    By setting it to Email, the users will be sent an email to their email address with a verification link. So that users will get a chance to update their password and log in to the application. Inorder work with Emails, Setup SMTP Server from IAM.
  • Ask
    By default user creation setting is set to "Ask" and that will ask for a password when a user is created. But in case of an application upgrade from an earlier version to IFS Cloud, the existing users will not be migrated to the new application if the user creation setting is set to "Ask". In that case it should be changed to any of the other three options.
  • Username
    as username. This is not recommended for customer production environments due to its security risks.
  • Custom
    Administrators will have the ability to set a custom password value for all the users created.

Multiple login for users synchronized through SCIM: This setting demines how the users synchronized through SCIM logs to the system.

If the users synchoronized through SCIM, needs to user both default IDP and external IDP, you need to set this flag to ON.

IAM Client Setup

IIAM clients are already created and enabled for manadatory components like IFS Auren and IFS Connect. But the relevant clients for other components need to be created or enabled if those are already existing clients.

Please read Setup IAM Clients and Custom Clients for more information on IAM Client configurations.

External Identity Provider Setup

After the installtion of IFS Cloud, administrator has to set up optional identity providers if needed for user authentication.

IIFS IAM maintains its own registry of users and these users are kept synchronized with IFS users in the databse. By default this IAM user registry is used in IFS Cloud for authenticating users and users will be able to directly authenticate through IFS IAM. If this default user registry is used for authentication, it will not be necessary to set up optional identity providers.

If external identity provider services like Azure Active Directory are used for user authentication and sinlgle sign on, those need to be configured after the installation. This can be done by an adding external identity provider to IFS IAM to delegate the authentication./p>

Please read Identity and Access Manager and External Identity Providers for more information on identity provider configurations.