Authentication Settings

From Studentnet Wiki
(Redirected from IdP settings)
Jump to navigation Jump to search

Authentication Settings

Authentication Settings handle settings on how users log in.

Location

To get to the Authentication settings:

  1. In the Cloudwork dashboard, click the menu bar>settings>Authentication Settings

Menu.png

Fields

Authsettings.png

  • Enable Remember Me: Display a Remember Me checkbox on the log in page to allow users to stay signed in after they close their browser
  • Remember Me Period: Customise how many days a user can remain logged in for before requiring to sign in again.
  • SameSite settings for cookies: Determine whether a cookie is available in third party contexts
    • None: None should be selected so iframes will work
    • Lax: support legacy devices
    • Strict strictest privacy protections on their cookies
  • Prefix Whitelist: Domain Names entered in this field, will accept users logging in with their email instead of username
  • Login Identifier: Select from drop down how users can login
    • Username and Primary Email: Users can sign in with username or primary email address
    • Username and all email addresses: Users can sign in with username or all email addresses
    • Username Only: Users can only sign in with username
  • Transparent Sign On Whitelist IP addresses listed in this field, will be forced to login Cloudwork Authentication, instead of ADFS
  • User Agent Whitelist Users listed in this field will not have to use Cloudwork Authentication. This is handy to only allow certain users to login via certain browsers
  • User Agent Blacklist: Users listed in this field will have to use Cloudwork Authentication. This is handy to only disallow certain users to login via certain browsers
  • IP Addressing Blocking: IP Addresses entered into this field will not be authenticate through Cloudwork
  • Country Blocking: From the drop down 3 options can be selected:
    • Allow all countries: All countries are allowed to authenticate through Cloudwork
    • Allowed only specified countries: Only user logging in from specified countries are allowed to authenticate through Cloudwork, another form will appear underneath from which you can select which countries to allow.
    • Block specified countries: Users logging in from specified countries are not allowed to authenticate through Cloudwork, another form will appear underneath from which you can select which countries to block.
  • Allowed Logout Domains: Allows for the filtering of logout URLs, IDP-first logout URLs should only work if they're listed in the Allowed Logout Domain field.