Tenant Configuration Options
Details
Parameter |
Description |
Name |
The display name of the Tenant. |
URL Segment |
The URL segment of the Tenant. (https://www.theidentityhub.com/{tenant}) |
Email address |
|
Telephone number |
|
Organization number |
|
Address |
The address of the organization that owns the Tenant. |
Token Signing Certificate |
This is the Token Signing certificate for apps connecting via WSFed. This is the Identity Provider Signing certificate for apps connecting via SAMLP. This is the JWT Signing certificate for apps connecting via OpenId. |
Appearance
Parameter |
Description |
Default |
Theme accent color |
The color that is applied to the UI for the Tenant. |
|
Always show welcome text |
The welcome text is always shown, even if the Account Provider is selected via a query string parameter |
false |
Welcome Text |
The text to show on the view where the user selects the Account Provider to authenticate with. Supports Markdown. |
|
Preview |
Preview of the Welcome text. |
|
Administration
Parameter |
Description |
Default |
Plan type |
|
|
Security
Parameter |
Description |
Default |
Allow self-signed certificates |
To allow self-signed certificates to be uploaded and used. |
false |
Token Signing Certificate |
The certificate (pfx) to use when signing. Important: this impacts all apps who opted to use the Tenant Signing certificate |
|
Email is unique across users |
Enforce uniqueness of email adress accros users. |
false |
Require email address before successful logon |
To force the user to provide an email address before the logon is succesful. |
false |
Collect geolocation info |
To enable or disable collection client geolocation information. |
true |
Two factor authentication required |
To force users to use two factor authentication when authenticating |
false |
Two factor verification methods |
Enable or disable two factor authentication methods: Email, SMS and Authenticator App. |
true |
Two factor authentication maximum attempts |
The maximum number of failed two factor authentication attempts a user can take before being locked out of two factor authentication. Use the value 0 to disable this functionality (not advised!). |
5 |
Two factor authentication cool-down |
The number of minutes for which a user is locked out of two factor authentication after the maximum number of failed attempts has been reached. |
15 |
Propose to merge identities based on email address |
|
false |
Allowed CORS |
Comma separated list of URL's allowed to perform CORS calls to the The Identity Hub API. |
|
Automatically allow access to Apps for new Account Providers |
New Account Providers are automatically added to the list of allowed Account Providers for an App. |
true |
Maximum number of minutes a profile password is valid |
The number of minutes a profile password is valid |
480 |
Use session cookies |
When true the session is lost when closing the browser. |
true |
Maximum number of minutes a logon session remains valid |
Number of minutes before a user needs to reauthenticate |
Depends on the LogonSessionValidity configuration parameter. See The Identity Hub Configuration |
Profile Self-Management
Parameter |
Description |
Default |
Hide Profile Delete option |
When true , the user can only request to delete his profile instead of deleting it immediately |
false |
Hide Profile Pages |
When true , the user can not manage or consult his or her profile. |
false |
Mail
Parameter |
Description |
Default |
Footer image |
When provided, the image is used as footer image in the emails sent from within the tenant. |
No image * |
* In on premises installations, the image configured on the hub tenant can be considered as the default.
Sms Service
Parameter |
Description |
Default |
Maximum number of SMS sent per user |
To prevent extensive usage of features that use SMS service a limit can be set over a period of time. |
|
Period of limitation |
Period of time over which the maximum number of SMS that can be sent applies. In hours. |
|
Tenants