Authentication Settings

From Studentnet Wiki
Revision as of 01:49, 25 July 2023 by Jrobertson (talk | contribs) (→‎Fields)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Authentication Settings

Authentication Settings handle settings on how users log in.

Location

To get to the Authentication settings:

  1. In the Cloudwork dashboard, click the menu bar>settings>Authentication Settings

Menu.png

Fields

Authsettings.png

  • Enable Remember Me: Display a Remember Me checkbox on the log in page to allow users to stay signed in after they close their browser
  • Remember Me Period: Customise how many days a user can remain logged in for before requiring to sign in again.
  • SameSite settings for cookies: Determine whether a cookie is available in third party contexts
    • None: None should be selected so iframes will work
    • Lax: support legacy devices
    • Strict strictest privacy protections on their cookies
  • Prefix Whitelist: Domain Names entered in this field, will accept users logging in with their email instead of username
  • Login Identifier: Select from drop down how users can login
    • Username and Primary Email: Users can sign in with username or primary email address
    • Username and all email addresses: Users can sign in with username or all email addresses
    • Username Only: Users can only sign in with username
  • Transparent Sign On Whitelist IP addresses listed in this field, will be forced to login Cloudwork Authentication, instead of ADFS
  • User Agent Whitelist Users listed in this field will not have to use Cloudwork Authentication. This is handy to only allow certain users to login via certain browsers
  • User Agent Blacklist: Users listed in this field will have to use Cloudwork Authentication. This is handy to only disallow certain users to login via certain browsers
  • IP Addressing Blocking: IP Addresses entered into this field will not be authenticate through Cloudwork
  • Country Blocking: From the drop down 3 options can be selected:
    • Allow all countries: All countries are allowed to authenticate through Cloudwork
    • Allowed only specified countries: Only user logging in from specified countries are allowed to authenticate through Cloudwork, another form will appear underneath from which you can select which countries to allow.
    • Block specified countries: Users logging in from specified countries are not allowed to authenticate through Cloudwork, another form will appear underneath from which you can select which countries to block.
  • Allowed Logout Domains: Allows for the filtering of logout URLs, IDP-first logout URLs should only work if they're listed in the Allowed Logout Domain field.