Hello.There are some startup parameters that can be added to the server to influence the database identity provider. One of those controls the access token lifetime. See here for more information:https://docs.ifs.com/techdocs/Foundation1/040_administration/210_security/015_authentication/040_configure_DBIDP/default.htm#Configure_behaviour_through_startup_paramtersBest regards, Björn.
Hello.This is somewhat dependent on the dimensions of the browser window (or your screen, if it’s maximized) because the image will try to fill out your browser window. It will maintain its aspect ratio but scale so that it covers the entire background.Something that mimics the default one will probably behave in a similar way to that.The important thing to note is that details to the right of the image may be obscured by the login controls rendering on top of them, while details near the bottom of the image may not be rendered if your screen is wider than the image because they will be below the bottom of the browser window.As such, if you put text on it or something else that you want the user to see, then that should probably be placed near the top left which gives it the maximum chance of not being obscured behind the login controls or rendered below the bottom of the browser window.Best regards, Björn.
Hello.Judging by the screenshots provided in the post, I can see two things.The resource parameter in the token request is shorter than the client IDs. That’s not how it’s supposed to be. The correct value for a resource parameter is the same as the web client ID for database authentication. The access token you get is not a JWT token. This is consistent with what you would expect from a faulty resource parameter being used. Correct the resource parameter and I believe your token request should work and yield a good access token.The ID token is also a JWT but it shouldn’t (can’t) be used like this.Best regards, Björn.
Hello. Since a while back, there is a part in the technical documentation about obtaining access tokens for use with the non-compatibility IFS REST API:s and how to use the tokens. If I understand correctly that you want to use tokens for the IFS Rest APIs, it may be of help to you.https://docs.ifs.com/techdocs/Foundation1/010_overview/210_security/030_authentication/oauth2.htm
Hello. I think both solutions are viable options if you do run into the problem.The ADFS setup in the documentation is very simplistic and returning only the relevant claims is a viable alternative also. The ADFS parts of the IFS technical documentation should be seen as a reference example. It is by no means an exhaustive list of everything you can do with ADFS. Having a more intricate ADFS claim rule setup than described in the documentation will reduce token size, which might make more sense than expanding the request header field size. But most of the time, you could go with either solution.It’s possible that SAM-Account-Name can also be omitted from the tokens (IFS checks identity on the “upn” claim from ADFS which usually contains User-Principal-Name), but I haven’t tested that personally.For most installations, we do not see this problem occurring at all.I’ve seen something very similar happen with Apps 9 SSO once also. In that case, it could be solved by expanding the header fi
Already have an account? Login
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.
Sorry, we're still checking this file's contents to make sure it's safe to download. Please try again in a few minutes.
Sorry, our virus scanner detected that this file isn't safe to download.
