Service public address

This field is the canonical address of the service. This address is used to build links and URLs. In most cases this will be the same address as where the Management UI resides.

Depends on Trivore Identity Service.

REST service enabled

Enabling or disabling the REST service for this platform as a whole.

True (Checked)

LDAP server

The LDAP server can be enabled/disabled here. The LDAP server allows for users to use their accounts as authentication for other external services.

True (Checked)

Sign-in dialogue background image

A custom background image for the sign-in interface can be chosen here. The option to not use a background image and to use the default background image is also possible. Previewing will show a scaled down version of the currently selected background image.

Depends on Trivore Identity Service

Allow “Password forgotten?” recovery process

Disables/Enables the password recovery process found on the login screen. See https://trivore.atlassian.net/wiki/spaces/TISpubdoc/pages/20515340/Common+password-related+and+other+tasks#Password-recovery%2C-a.k.a.-forgotten-password section for more information

True (Checked)

Show “Refresh” button on top-bar

Disables/Enables the refresh button found on the top bar.

True (Checked)

Show “Maximise-Minimise” button on top-bar

This disables/enables the maximise-minimise button on the top bar.

True (Checked)

Always redirect user to sign-in

If enabled Trivore Identity System will redirect the user to the sign-in screen if user is not signed in and the user enters the root path.

True (Checked)

Redirect URI

If Always redirect user to sign-in is disabled a new redirect URI can be entered here.

N/A

Redirect to sign-in if IP-address matches rules

If Always redirect user to sign-in is disabled rules to redirect to sign-in screen instead of the new redirect URI.

Please refer to the on-screen instructions to find out more on how these rules work.

N/A

Persistent login enabled

Enables/disables the “Remember me” checkbox on the. This option is system-wide and will affect all users.

If this option is desirable only for certain users, please use group-policies for more accurate tweaking.

This option will also override the same option found in OpenID configuration.

True (Checked)

Allowed return URI values

Specify regular expression values, one per line. Values here can be used to redirect to a certain URI after resetting a password.

N/A

Error view’s Continue link

If there happens to be an error during the password reset process this link will be displayed for the user to continue

N/A

Namespace selection

Is namespace selection required to reset an user’s password. Requiring the namespace can reduce incorrect password reset initiations, if the entered login name matches multiple accounts in different namespaces.

Required to reset password

Namespace whose settings are used if no namespace if selected

If no namespace is required and no namespace is selected during password recovery process, this namespaces settings will be used during the user search.

No default namespace settings selected

When no matching users found

After user search has been performed and in the case of no user being found during the process, should the user be informed that no matching users were found.

Displaying this kind of information may reveal to the user that such users exists. It is a good idea to hide this information to strengthen privacy and security

Hide that no matching users were found

Allowed origin values

By default no site may embed or call with Javascript the /openid/auth location.

N/A

Extra allowed headers

Adds headers to the CORS Access-Control-Allow-Headers response.

By default no extra headers are allowed

N/A