Skip to main content

Is it possible to prevent database authentication with Aurena, leaving only the SSO option available to users, at least for external-facing IFS Cloud sites?

This is with IFS Cloud.

It seems like it should be feasible but I’ve not yet found any clear documentation on how to go about the process if it is.

Thanks,

Nick

Hi @NickPorter,

When you say database authentication, I think you mean Default IDP and yes, you can disable the Default IDP for users when an External IDP is configured. 

There is an option to disable the default IDP for each user in User Details screen.  You can find details in the documentation:

https://docs.ifs.com/techdocs/23r1/030_administration/010_security/010_users/020_new_users/#creating_a_new_user

However, this will not get rid off the username/password input fields in the login page as the option should be there for the default IDP enabled users. 

Hope this helps!


Thanks @Charith Epitawatta but that isn't really what I’m looking for.  If I understand correctly, what you describe here is the way to force users, at a user level, to only use e.g. SSO. This is helpful but still leaves the username and password fields available externally.

What we’re looking for is a way to disable or remove the option for database account username/password credential entry on an external/internet web (Aurena) page.  Anyone who wanted to log in using using database account credentials (for example the appowner) would then have to do so only using a direct database connection like SQLPLUS or potentially an alternate internal network version of the URL/page/client that still allowed it.

Fundamentally there was something a bit similar in Apps10 where there were multiple ‘clients’ that could be launched - one which allowed Oracle DB account authentication (“Admin”) and another that could be used for SSO authentication (“Users”).

Any ideas?


Hi @NickPorter,

Please have a look at the following idea regarding a similar request. Feel free to add any suggestions and vote as well. 

Hope this helps!


Reply