Edit Identity Provider's Settings


There is a big difference between the built-in IDP (IDHUB_IDP_UP) and the others:

  • This is where you provide a logo for the Identity Provider
  • For the Built-in IDP, this is also where you specify the password requirements


The provided logo is applied on the IDP selection page.  The current logo is displayed, but it's possible to provide a new logo file:

  1. Choose file -> Select a file from your PC to upload
  2. Click "Upload Image File"

Note that the expected image format is .png.

Password settings

These settings are only available for the IDHUB_IDP_UP, because it's the only IDP that stores its credentials locally. 

Expiration Policy

| Field | Description |
|---|---|
| Gracetime | Indicates the number of days left in which the user needs to change his password. This is displayed to the user as a pop-up alert message when the days left begin to elapse. |
| Initial Lifetime | Indicates the number of days until the password will expire after it is initially created. |
| Lifetime | Indicates the number of days for which the password can be used. |
| Reset lifetime | The time that needs to pass before a password can be reset again. |
| Max. Login Attempts | Indicates how many failed login attempts can be made before the account is locked. |
| Lock Time | Indicates how long the account will be locked. |

Password Policy

| Field | Description |
|---|---|
| Min password length | The minimum number of characters a password must contain. |
| Max password length | The maximum number of characters a password may contain. |
| Min lowercase characters | The minimum number of lowercase characters a password must contain. |
| Min uppercase characters | The minimum number of uppercase characters a password must contain. |
| Min digits | The minimum number of numerical characters a password must contain. |
| Min special characters | The minimum number of special characters a password must contain. The next field specifies which characters count as "special". |
| Special characters | A list of characters allowed in passwords and deemed "special" characters. Letters and numbers are excluded. |
| Forbidden words | A list of character combinations that are not allowed in passwords (e.g. 123456). |
| Trim password | Indicates whether the password accepts spaces as part of its characters. If the "Trim Password" property is checked, any spaces before and after the password are not regarded as part of the password characters. |
| Algorithm | This algorithm will be used to hash the password into an unreadable string of text. There are two options: SHA-256 or the stronger hash algorithm SHA-512. If you change the algorithm from SHA-256 to SHA-512, all previous passwords set using the first algorithm will continue to use this algorithm until the user changes his password. |
| Use Salt? | Enables the use of a salt to further secure the password hash. Salts are used to safeguard passwords in storage, making each hashed password unique, as the salt is randomly generated for each password. |
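
The behaviour of the "Algorithm", "Use Salt?" and "Trim password" settings, shown as an added Python example that is not the product's own code. The record layout (algorithm name, salt, hash), the single-pass hash over salt + password, and all function names are assumptions, because this page does not document how IDHUB_IDP_UP stores credentials.

```python
import hashlib
import hmac
import secrets

# The two options offered by the "Algorithm" setting.
ALGORITHMS = {"SHA-256": hashlib.sha256, "SHA-512": hashlib.sha512}


def normalize(password, trim):
    """"Trim password": drop spaces before and after, keep inner spaces."""
    return password.strip(" ") if trim else password


def digest(algorithm, salt, password, trim):
    data = salt + normalize(password, trim).encode("utf-8")
    return ALGORITHMS[algorithm](data).hexdigest()


def make_record(password, algorithm, use_salt=True, trim=True):
    """Hypothetical stored record: the algorithm name travels with the hash."""
    salt = secrets.token_bytes(16) if use_salt else b""  # fresh salt per password
    return {"algorithm": algorithm, "salt": salt.hex(),
            "hash": digest(algorithm, salt, password, trim)}


def verify(password, record, trim=True):
    """Verify with the algorithm stored in the record, not the current setting,
    so passwords set before an algorithm change keep working."""
    salt = bytes.fromhex(record["salt"])
    candidate = digest(record["algorithm"], salt, password, trim)
    return hmac.compare_digest(candidate, record["hash"])


def demo():
    pw = "Corr3ct-Horse!"  # constructed sample password
    a, b = make_record(pw, "SHA-256"), make_record(pw, "SHA-256")
    u1 = make_record(pw, "SHA-256", use_salt=False)
    u2 = make_record(pw, "SHA-256", use_salt=False)
    configured = "SHA-512"  # administrator switches the setting
    still_valid = verify(pw, a)  # old record still verifies with SHA-256
    a_new = make_record("N3w-Passw0rd?", configured)  # user changes password
    return {"salted_differ": a["hash"] != b["hash"],
            "unsalted_equal": u1["hash"] == u2["hash"],
            "old_record_valid": still_valid,
            "migrated_algorithm": a_new["algorithm"],
            "migrated_hash_hex_len": len(a_new["hash"])}


if __name__ == "__main__":
    print(demo())
```

Without a salt, two users with the same password get the same stored hash, which is what the "Use Salt?" setting prevents.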
