NOTE: Trivore ID Documentation has moved to https://trivoreid.com
The content on this site IS OUT OF DATE!
This space has been archived!
Please go ahead to the new site!
Platform - Base settings
Base settings covers the most important parts of the system.
Core | Description | Default value |
---|---|---|
Service public address | This field is the canonical address of the service. This address is used to build links and URLs. In most cases this will be the same address as where the Management UI resides. | Depends on Trivore Identity Service. |
REST service enabled | Enabling or disabling the REST service for this platform as a whole. | True (Checked) |
LDAP server | The LDAP server can be enabled/disabled here. The LDAP server allows for users to use their accounts as authentication for other external services. | True (Checked) |
Miscellaneous | Description | Default value |
---|---|---|
Sign-in dialogue background image | A custom background image for the sign-in interface can be chosen here. The option to not use a background image and to use the default background image is also possible. Previewing will show a scaled down version of the currently selected background image. | Depends on Trivore Identity Service |
Allow “Password forgotten?” recovery process | Disables/Enables the password recovery process found on the login screen. See Common password-related and other tasks | Password recovery, a.k.a. forgotten password section for more information | True (Checked) |
Show “Refresh” button on top-bar | Disables/Enables the refresh button found on the top bar. | True (Checked) |
Show “Maximise-Minimise” button on top-bar | This disables/enables the maximise-minimise button on the top bar. | True (Checked) |
Sign-in config | Description | Default value |
---|---|---|
Always redirect user to sign-in | If enabled Trivore Identity System will redirect the user to the sign-in screen if user is not signed in and the user enters the root path. | True (Checked) |
Redirect URI | If Always redirect user to sign-in is disabled a new redirect URI can be entered here. | N/A |
Redirect to sign-in if IP-address matches rules | If Always redirect user to sign-in is disabled rules to redirect to sign-in screen instead of the new redirect URI. Please refer to the on-screen instructions to find out more on how these rules work. | N/A |
Persistent login enabled | Enables/disables the “Remember me” checkbox on the. This option is system-wide and will affect all users. If this option is desirable only for certain users, please use group-policies for more accurate tweaking. This option will also override the same option found in OpenID configuration. | True (Checked) |
Password reset | Description | Default value |
---|---|---|
Allowed return URI values | Specify regular expression values, one per line. Values here can be used to redirect to a certain URI after resetting a password. | N/A |
Error view’s Continue link | If there happens to be an error during the password reset process this link will be displayed for the user to continue | N/A |
Namespace selection | Is namespace selection required to reset an user’s password. Requiring the namespace can reduce incorrect password reset initiations, if the entered login name matches multiple accounts in different namespaces. | Required to reset password |
Namespace whose settings are used if no namespace if selected | If no namespace is required and no namespace is selected during password recovery process, this namespaces settings will be used during the user search. | No default namespace settings selected |
When no matching users found | After user search has been performed and in the case of no user being found during the process, should the user be informed that no matching users were found. Displaying this kind of information may reveal to the user that such users exists. It is a good idea to hide this information to strengthen privacy and security | Hide that no matching users were found |
CORS | Description | Default value |
---|---|---|
Allowed origin values | By default no site may embed or call with Javascript the /openid/auth location. | N/A |
Extra allowed headers | Adds headers to the CORS Access-Control-Allow-Headers response. By default no extra headers are allowed | N/A |