Hi @jhooperyan,

Unfortunately, Aurena will not support the ‘admin’ gateway and this is not on the Roadmap for IFS Applications 10.

Going forward, in the next core release, the plan is to support the ability to configure multiple identity providers for an instance and allow a choice of which method is utilized.  So, for example, some users could utilize Azure AD or ADFS SSO while others are using the database username/password method.

I’m sorry we don’t have a better answer for you now, but it is something that is planned to be supported in the next release.

If a database authentication fallback is needed for administration tasks, the instruction is to use Enterprise Explorer.

Hope this helps!

@Himasha Kapugeekiyanage  - thanks for the quick response.  So - does this mean that at some future point, I can use the same link for ADFS and DB logins? 

I have no problem only using an ADFS ID.  But as far as I know - app owner is going to stay a DB ID and there are times that is is needed.  When IEE goes away after apps10, I need some way to login as app owner or I’ll need an ADFS equivalent.

@jhooperyan I’m not really sure how this is going to be implemented but, there will be a way to select the authentication method that you wish to use to log In to the application. Like in this case, you will be able to select DB Authentication to log in to Aurena using Appowner Username and Password.

Hi Himasha, I am investigating using SSO for our company.  We are on Apps10 update 7 and currently use  database logon.   We have users on two network domains: one shop floor domain with no access to the web and one for the business users that is not restricted.  There are no plans to merge them.  I would like to enable SSO just for the business users but was told it’s all or nothing and they all have to be on the same domain.  

Do I understand your last comment correctly that we can set an authentication method per user in IFS Cloud?  I had the same question about how to logon with IFSAPP. if you use SSO and have no logon promprt.

Thanks! 

Reconfiguring temporarily to use database authentication.

This works due to the fact that reconfiguring to use database authentication can be done with minimal downtime in Apps 10 due to the fact that it does not require any server restarts. Still, it may be more viable on a test environment or a clone than a live production one.

This is how to do it:

• Go into the IFS Middleware Server Admin Console and look up the authentication configuration for the application type you need to access. Take the config here and copy it to some form of backup.
• Change the Identity Provider to IFS Database and click save.
• Log in to the application. You now have an authenticated session.
• Restore the configuration you backed up in the Middleware Server admin console. Click save. The interruptions experienced by others are now over.
• You will notice your authenticated session is still active. You now have a session that will let you use the application, but it cannot be renewed. If you let the session expire, you need to repeat the steps above to get a new one