Skip to main content

Inline Password Change Configuration Guide

Introduction

Use this guide to configure and enable the Inline Password Change feature for SecureAuth IdP realms.

This feature enables users to change expired passwords during the workflow process without requiring to leave the current realm.

Prerequisites

Ensure the following items are set up and running before executing the configuration steps:

  • SecureAuth IdP version 7.0.2+

  • On-premises directory integrated with SecureAuth IdP – configured on the Data tab

  • Directory service account for SecureAuth IdP with read and write access

  • A new realm – or an existing realm on SecureAuth IdP Web Admin – on which this feature will be enabled

SecureAuth IdP Configuration Steps

Data

1. In the Membership Connection Settings section, select True from the Advanced AD User Check dropdown

47224019.png

Warning

Click Save after the configuration is complete\ and before leaving the Data page to avoid losing changes

Workflow

2. In the Workflow section, select an Authentication Mode from the dropdown that includes Password

For this example, Username + Password Only (On separate pages) is being used

3. Select Enabled from the Inline Password Change dropdown

35913951.png

Warning

Click Save after the configuration is complete and before leaving the Workflow page to avoid losing changes

4. Click Password Settings

Password Settings

5. In the Password Expiration section, set the Password Expires Days to the number of days during which a password is valid

6. Set the Password Warn Days to the number of days before the set Password Expires Days during which an end-user is warned of the upcoming password expiration

7. Set the remaining Password Settings on the page as preferred

35913952.png

Warning

Click Save after the configuration is complete and before leaving the Password Settings page to avoid losing changes

End-user Experience

35913953.png

Once the end-user lands on the page that prompts for the password, the alert for the password expiration appears

Note

This could be a warning stating that the password will expire in X days; or a warning that the password has expired, as shown in the image

If it is just a warning message, then the end-user is not required to change the password

Enter the current password (which is still valid) in the Password field, and then click Submit to gain access into the realm

If it is a password expired message, then the end-user must change the password before preceding

The end-user sets the new password, and hits Submit, therefore changing the expired password to a new one and gaining access into the realm's target resource (application, IdM tool, etc.)