Difference between revisions of "Authentication Settings"

From Studentnet Wiki
Jump to navigation Jump to search
 
(19 intermediate revisions by 3 users not shown)
Line 1: Line 1:
These are the identity provider settings, this makes it so you can allow users to have a "remember me" setting for logging into the dashboard.
+
==Authentication Settings==
  
[[File:idpsettings.png]]
+
Authentication Settings handle settings on how users log in.
  
You're able to customise the settings to allow a certain time range that users can stay logged in for before having to sign in again.
+
===Location===
 +
To get to the Authentication settings:
 +
#In the Cloudwork dashboard, click the menu bar>'''settings'''>'''Authentication Settings'''
 +
 
 +
[[File:Menu.png|300px]]
 +
 
 +
===Fields===
 +
[[File:Authsettings.png]]
 +
 
 +
*'''Enable Remember Me''': Display a Remember Me checkbox on the log in page to allow users to stay signed in after they close their browser
 +
*'''Remember Me Period''': Customise how many days a user can remain logged in for before requiring to sign in again.
 +
*'''SameSite settings for cookies''': Determine whether a cookie is available in third party contexts
 +
**'''None''': None should be selected so iframes will work
 +
**'''Lax''': support legacy devices
 +
**'''Strict''' strictest privacy protections on their cookies
 +
*'''Prefix Whitelist''': Domain Names entered in this field, will accept users logging in with their email instead of username
 +
*'''Login Identifier''': Select from drop down how users can login
 +
**'''Username and Primary Email''': Users can sign in with username or primary email address
 +
**'''Username and all email addresses''': Users can sign in with username or all email addresses
 +
**'''Username Only''': Users can only sign in with username
 +
*'''Transparent Sign On Whitelist''' IP addresses listed in this field, will be forced to login Cloudwork Authentication, instead of ADFS
 +
*'''User Agent Whitelist''' Users listed in this field will not have to use Cloudwork Authentication. This is handy to only allow certain users to login via certain browsers
 +
*'''User Agent Blacklist''': Users listed in this field will have to use Cloudwork Authentication. This is handy to only disallow certain users to login via certain browsers
 +
*'''IP Addressing Blocking''': IP Addresses entered into this field will not be authenticate through Cloudwork
 +
*'''Country Blocking''': From the drop down 3 options can be selected:
 +
**'''Allow all countries''': All countries are allowed to authenticate through Cloudwork
 +
**'''Allowed only specified countries''': Only user logging in from specified countries are allowed to authenticate through Cloudwork, another form will appear underneath from which you can select which countries to allow.
 +
**'''Block specified countries''': Users logging in from specified countries are not allowed to authenticate through Cloudwork, another form will appear underneath from which you can select which countries to block.
 +
*'''Allowed Logout Domains''': Allows for the filtering of logout URLs, IDP-first logout URLs should only work if they're listed in the Allowed Logout Domain field.
  
 
[[Category:Cloudwork Dashboard]]
 
[[Category:Cloudwork Dashboard]]

Latest revision as of 01:49, 25 July 2023

Authentication Settings

Authentication Settings handle settings on how users log in.

Location

To get to the Authentication settings:

  1. In the Cloudwork dashboard, click the menu bar>settings>Authentication Settings

Menu.png

Fields

Authsettings.png

  • Enable Remember Me: Display a Remember Me checkbox on the log in page to allow users to stay signed in after they close their browser
  • Remember Me Period: Customise how many days a user can remain logged in for before requiring to sign in again.
  • SameSite settings for cookies: Determine whether a cookie is available in third party contexts
    • None: None should be selected so iframes will work
    • Lax: support legacy devices
    • Strict strictest privacy protections on their cookies
  • Prefix Whitelist: Domain Names entered in this field, will accept users logging in with their email instead of username
  • Login Identifier: Select from drop down how users can login
    • Username and Primary Email: Users can sign in with username or primary email address
    • Username and all email addresses: Users can sign in with username or all email addresses
    • Username Only: Users can only sign in with username
  • Transparent Sign On Whitelist IP addresses listed in this field, will be forced to login Cloudwork Authentication, instead of ADFS
  • User Agent Whitelist Users listed in this field will not have to use Cloudwork Authentication. This is handy to only allow certain users to login via certain browsers
  • User Agent Blacklist: Users listed in this field will have to use Cloudwork Authentication. This is handy to only disallow certain users to login via certain browsers
  • IP Addressing Blocking: IP Addresses entered into this field will not be authenticate through Cloudwork
  • Country Blocking: From the drop down 3 options can be selected:
    • Allow all countries: All countries are allowed to authenticate through Cloudwork
    • Allowed only specified countries: Only user logging in from specified countries are allowed to authenticate through Cloudwork, another form will appear underneath from which you can select which countries to allow.
    • Block specified countries: Users logging in from specified countries are not allowed to authenticate through Cloudwork, another form will appear underneath from which you can select which countries to block.
  • Allowed Logout Domains: Allows for the filtering of logout URLs, IDP-first logout URLs should only work if they're listed in the Allowed Logout Domain field.