
Showing posts from March, 2017

Maintain the history of the user’s passwords in WSO2 Identity Server 5.3.0

This feature keeps a history of each user's past passwords, up to a pre-configured count. This enables you to prevent a user from using a password he/she has used in the recent past.

Detailed Instructions

Log in to the management console.
1. Click Resident under Identity Providers in the Main tab of the management console.
2. Expand the Password Policies tab.
3. Expand the Password History tab and select Enable Password History Feature.
4. Specify the Password History Validation Count and click Update.

Expected Outcome

If the user tries to reuse a recently changed password (according to the configuration) as the current password, the error below is displayed.

Forced Password Reset Via Email by Admin users In WSO2 IS 5.3.0

Why is Forced Password Reset important?

A user may forget his credentials and ask the admin to reset his password, or the credentials may get exposed to outsiders. In both cases the admin can forcefully reset the password.

High Level Steps

Configuring Identity Server
Password reset via recovery Email

Detailed Instructions

Enable account recovery functionality

Open the output-event-adapters.xml file found in the <IS_HOME>/repository/conf directory. Configure the relevant property values for the email server that you need to configure for this service under the <adapterConfig type="email"> tag.

<adapterConfig type="email">
    <!-- Comment mail.smtp.user and mail.smtp.password properties to support connecting SMTP servers which use trust based authentication rather username/password authentication -->
    <property key="mail.smtp.from">abcd@gmail.com</property>
    <proper

OIDC Discovery in WSO2 Identity Server 5.3.0

Why is OIDC Discovery important?

Identity Server offers a JSON document under the /.well-known/openid-configuration URL. This document has information about the issuer name, endpoint URLs, key material and capabilities of the provider, e.g. which scopes or response types it supports.

High Level Steps

Start Identity Server.
Use curl commands to discover the end user's OpenID Provider and the other information.

Detailed Instructions

Start Identity Server, open the terminal and run the curl command below to obtain the 'href' value, which is the OpenID Connect discovery endpoint of the Identity Server.

curl -v -k --user admin:admin https://localhost:9443/.well-known/webfinger?resource='acct:admin@localhost&rel=http://openid.net/specs/connect/1.0/issuer'

(Here resource is the identifier for the target end user that is the subject of the discovery request, and rel is a URI identifying the type of service whose location is being requested.)
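The two discovery steps described in the OIDC Discovery post above, as an added example (not code from the original post or from WSO2): it pulls the issuer href out of a WebFinger response and checks the provider metadata against that issuer before a client trusts its endpoints. The sample JSON, the issuer URL and the endpoint paths are constructed for illustration.

```python
import json
from urllib.parse import urlsplit

REL_ISSUER = "http://openid.net/specs/connect/1.0/issuer"

# Constructed sample responses for illustration (not captured from a server).
ISSUER = "https://localhost:9443/example-issuer"
WEBFINGER_JRD = json.dumps({
    "subject": "acct:admin@localhost",
    "links": [{"rel": REL_ISSUER, "href": ISSUER}],
})
GOOD_METADATA = {
    "issuer": ISSUER,
    "authorization_endpoint": "https://localhost:9443/example/authorize",
    "token_endpoint": "https://localhost:9443/example/token",
    "jwks_uri": "https://localhost:9443/example/jwks",
}

def issuer_from_webfinger(jrd_text):
    """Return the href of the OpenID Connect issuer link in a WebFinger JRD."""
    for link in json.loads(jrd_text).get("links", []):
        if link.get("rel") == REL_ISSUER and link.get("href"):
            return link["href"]
    raise ValueError("no OpenID Connect issuer link in WebFinger response")

def discovery_url(issuer):
    """Build the provider metadata URL for an issuer."""
    return issuer.rstrip("/") + "/.well-known/openid-configuration"

def check_metadata(metadata, expected_issuer):
    """Return a list of problems; an empty list means the checks passed."""
    problems = []
    parts = urlsplit(expected_issuer)
    if parts.scheme != "https" or parts.query or parts.fragment:
        problems.append("issuer must be an https URL without query or fragment")
    # The issuer in the document must equal the one discovery started from;
    # otherwise another party could substitute its own endpoints and keys.
    if metadata.get("issuer") != expected_issuer:
        problems.append("issuer mismatch")
    for key in ("authorization_endpoint", "token_endpoint", "jwks_uri"):
        value = metadata.get(key)
        if not value:
            problems.append("missing " + key)
        elif urlsplit(value).scheme != "https":
            problems.append(key + " is not https")
    return problems

if __name__ == "__main__":
    issuer = issuer_from_webfinger(WEBFINGER_JRD)
    print(discovery_url(issuer), check_metadata(GOOD_METADATA, issuer))
```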