• State Verified Answer
  • Replies 8 replies
  • Subscribers 94 subscribers
  • Views 1298 views
  • Users 0 members are here
Options
Related

How to configure authentication module für angular-based portal?!

identitymanager-support
8 months ago

Hello,

We are currently running the first steps in version 9.1.1.
We also want to see what steps are necessary to get the new portal based on Angular up and running.

In the documentation (support.oneidentity.com/.../2 the point "Configuring authentication" is explained.

But I can't find this point in the admin portal neither at imx nor at portal.
For example, in one environment we want to have single sign-on - in another we do not. Where is this to be set?
Presumably there is still something to configure for Angular-Web?!
In the previous WebDesigner portal you could adjust the setting you were looking for via Web.config - is there something similar for Angular?
How to proceed with this?

Thanks a lot for any hints on this matter!

  • 0 8 months ago

    I am not aware of being able to set this up for handling authentication for two different domains to behave differently, I have never heard of this being available.

    As for configuring any of the web portals even the HTML5 ones, you can set the options via Designer under the following:

    Base Data > Security settings

  • 0 8 months ago in reply to Troy Grandy

    Thanks Troy for your feedback.

    Perhaps I did not express myself well enough. In our development and test environment, we usually log in using the "DynamicPerson" method.

    Later, when we are in the production environment, single sign-on comes into play. 

    This selection of "DynamicPerson" is not yet shown to me in Angular web.

    So how would the method need to be configured within Designer - Base Data > Security Settings - to show this in Angular web?

  • 0 8 months ago in reply to identitymanager-support

    Then select web server configurations and select the API server. Once there click the authentication module (primary), is dynamic dynamic available?

  • 0 8 months ago in reply to Troy Grandy

    Thanks Troy.
    I have looked at the place in the designer - there the mentioned entry was missing, thereupon I have tried to add this manually however "only" the possibility "API Designer" is indicated to me - an "API server" is not indicated to me. What could be the reason for this?

  • 0 8 months ago in reply to identitymanager-support

    That is the correct option. API Designer is the program for the API Server.

  • 0 7 months ago in reply to Troy Grandy

    Thanks Troy - this setting seems to be correct.

    I have set the first authentication method for the API Designer in the Web Server Configuration as "Employee (dynamic)". As second "system user".
    In the login screen to the Web Portal, however, I am offered only the 3 variants regarding ADS Account (ADS Account dynamic, ADS Account, ADS Account role-based).
    If I now want to assign the module "Employee (dynamic)" to the PRogram "API Designer", I get the following error:

    [1025012] Object (Authentication modules) could not be saved!
[810306] Error running 'OnSaving' in logic module 'VI.DB.Entities.ModuleDependentLogic'.

    How do I get a different login method configured for the Angular Web?
    In the old/previous Web Designer Web this was possible in the WebDesingerConfigEditor.

  • +1 7 months ago in reply to identitymanager-support

    The authentication for the angular web portal is controlled by the following:

    Base Data > Security settings > Programs

    Click on WebDesigner and then select Authentication module

    Make sure the Disabled check box is empty for Employee (dynamic)

    Save the changes and recycle the application pool in IIS

    Now when you login to the Angular web portal you will see the Employee (dynamic) in the drop down list.

  • 0 7 months ago in reply to Troy Grandy

    Thanks Troy - with your advice and the colleague who usually takes care of permissions in the application, we got it working.

    We had to enable the desired methods for the selection in the front ends first.
    Now we are one step further - more questions will follow :-)