Authentication Settings

From Studentnet Wiki
Revision as of 06:30, 15 April 2025 by Dlim (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Authentication Settings

Authentication Settings handle settings on how users log in.

Location

To get to the Authentication settings:

  1. In the Cloudwork dashboard, click the menu bar>Settings>Authentication Settings

Menu.png

Fields

Authenticationsettings1.png

  • SameSite settings for cookies: Determine whether a cookie is available in third party contexts
    • None: None should be selected so iframes will work
    • Lax: support legacy devices
    • Strict strictest privacy protections on their cookies
  • Prefix Whitelist: Domain Names entered in this field, will accept users logging in with their email instead of username
  • Login Identifier: Select from drop down how users can login
  • Legacy Transparent Sign On Whitelist IP addresses listed in this field, will be forced to login Cloudwork Authentication, instead of ADFS
  • Legacy User Agent Whitelist Users listed in this field will not have to use Cloudwork Authentication. This is handy to only allow certain users to login via certain browsers
  • Legacy User Agent Blacklist: Users listed in this field will have to use Cloudwork Authentication. This is handy to only disallow certain users to login via certain browsers
  • Allowed Logout Domains: Allows for the filtering of logout URLs, IDP-first logout URLs should only work if they're listed in the Allowed Logout Domain field.
  • Allowed Third Party Authentication Providers: Listed Third Party Authentication partners that users are allowed to login through
  • Require Third Party Authentication Verification: Controls whether to trust email attribute from third-party authentication providers to link accounts. If enabled, all users logging in for the first time with a third-party account will need to complete the email based account verification workflow.
  • Third Party Authentication OUs: List of OUs that allow users to login with the enabled third-party authentication providers
  • Third Party Auth IP Filtering: Select option to allow or deny login from specified IPs to third party auth providers. (Deny/Allow)
  • Third Party Auth Deny IPs: Comma separated list of IP addresses. Users from these IPs will not see the option to login with a third-party authentication provider.
  • MFA App Number Matching: Whether number matching is enabled in the Cloudwork MFA app. Note that if you require number matching, users may need to update their MFA app before they can login. Pick between Do not use, use if able, or required.
Retrieved from "https://wiki.studentnet.net/index.php?title=Authentication_Settings&oldid=2650"