Skip to main content

Web Admin Part I - Getting to Know the SecureAuth IdP Web Admin


Use this guide to understand the SecureAuth IdP Web Admin, including how to navigate through it, view realms, and create realms.


Home Page


Web Admin is the browser-based tool used to administer and configure the SecureAuth IdP appliance and all realms

Access the Web Admin:

Once the SecureAuth IdP appliance has been successfully installed, administrators can log into the server, open Internet Explorer and click on the provided bookmark (SecureAuth Admin), which will direct them to this Home Page

Here, all realms can be viewed; and if the realm title is clicked (e.g. Password Reset), administrators will be taken into the realm to make any modifications

On any page in the Web Admin, click the SecureAuth logo at the top left to be taken back to this Home Page

Search for specific realms in the top right Search Bar by realm name (e.g. SecureAuth5), realm title (User Creation), or realm description (undefined); or navigate through each of them by selecting specific Page Numbers below the search feature

From here, the Admin Realm, Specialized Realms, Tools and Create Realms can be accessed

Top Menu

Admin Realm


Access the Admin Realm (SecureAuth0) from the Home Page in the top menu

This realm is for the SecureAuth IdP Web Admin, and SecureAuth recommends that it is configured first to ensure the safety of the Web Admin

Follow the Web Admin Part II - Admin Realm Configuration Guide to secure the Web Admin, enable external access, and to control access


Configure the Admin Realm first to ensure secure remote access

Specialized Realms


Click Specialized Realms in the top menu, and App Enrollment to view and / or modify the pre-configured realm that enables users to enroll and provision devices / browsers for OATH OTPs and Mobile Login Requests (PUSH Notifications)

Refer to Multi-Factor App Enrollment (URL) Realm Configuration Guide (version 9.1 and 9.2) for more information



Use the Tools menu to access Web Config settings and update or decrypt the web config files for realms

See SecureAuth IdP Realm Guide - Encrypting and Decrypting Realms for more information

Create Realms


Click Create Realms in the top menu, and Create New From Template to create and configure a new realm with the SecureAuth IdP Web Admin Wizard


Click Create Realms in the top menu, and Create New From Existing to create a new realm by copying the configurations of another realm

Web Admin Tabs



The Overview tab is where basic information about the SecureAuth IdP realm is provided, as well as general SMTP email settings that will be used for any SecureAuth IdP email messages (2-Factor Authentication, Account Updates, etc.)

Here, administrators can also change the appearance of the end-user pages, the text shown on the end-user pages, and enabled languages

To configure the Overview tab, refer to Overview tab configuration



The Data tab is used for directory integration and user account mapping

SecureAuth IdP requires an on-premises data store with which it can integrate to extract information for authentication and assertion purposes, and to which it can write updated user information (e.g. passwords, phone numbers, knowledge-based questions, etc.)

In the Profile Fields section, the admin configures mapping from SecureAuth IdP Properties to data store Fields; this enables the exchange of user information without storing anything away from the directory

To configure the Data tab, refer to Data tab configuration



The Workflow tab dictates how end-users will access the target resource

This includes the authentication mode (standard workflow, username / password only, persistent token only, etc.), token / cookie / fingerprint settings, and more

This tab also includes settings for Social IDs (Facebook, Google, LinkedIn, and Windows Live) for Multi-Factor Authentication

To configure the Workflow tab, refer to Workflow Tab Configuration

Adaptive Authentication


The Adaptive Authentication tab enables and configures the various adaptive authentication capabilities of SecureAuth IdP

Adaptive Authentication allows SecureAuth IdP to perform customized actions based on a real-time analysis of an end-user's authentication attempt; factors that can be included in this analysis include IP/Country blacklisting and whitelisting, IP Reputation and Threat Data analysis, User and/or Group membership, Geo-velocity analysis, and User Reputation/Risk analysis

To configure the Adaptive Authentication tab, refer to Adaptive Authentication Tab Configuration

Multi-Factor Methods


The Multi-Factor Methods tab enables the many possible mechanisms available for Multi-Factor Authentication

Here, administrators can permit the use of any registration methods per realm, and end-users can select their preferred mechanism during the login process

This tab also includes settings for YubiKey integration for Multi-Factor Authentication

To configure the Multi-Factor Methods tab, refer to Multi-Factor Methods Tab Configuration

Post Authentication


The Post Authentication tab designates the target resource of the realm

This page will alter depending on the selection made from the Authenticated User Redirect dropdown (e.g. SAML 2.0 (IdP Initiated) Assertion Page) to provide only the settings required for the target

Here, configurations can be made for out-of-the-box Identity Management (IdM) tools like Self-service Password Reset, Account Update, User Creation, and Reporting; for applications that use SAML, WS-Federation, or OAuth 2.0; and for other post-authentication requests like certificates or enrollment

To configure the Post Authentication tab, refer to Post Authentication Tab Configuration, which includes Integration Guides, IdM Tools Configuration Guides, Certificate Delivery, and more



The API tab enables the use of SecureAuth IdP's APIs on the realm; these APIs can then be called to perform Authentication and/or Identity Management functions in a custom application.

Here, the administrator can configure which APIs are enabled for the realm, and also view the Application ID & Application Key

To configure the API tab, refer to API Tab Configuration



The Logs tab is used to enable and review Audit, Debug, Error, and Certificate Logs for the realm

Administrators can review all authentication events and can search error logs to fix any issues that end-users may be experiencing during the login process

To configure the Logs tab, refer to Logs Tab Configuration

System Info


The System Info tab is used primarily for reviewing settings; however, there are items that may require configuration or modification (e.g., proxy, SCEP)

Here administrators can find information about the appliance such as licensing information, certificate settings, and web.config backup files

To configure the System Info tab, refer to System Info Tab Configuration

What's Next

Move on to the Web Admin Part II - Admin Realm Configuration Guide to configure the Admin realm

For further information
  • Learn more about SecureAuth IdP Realm Guide

  • Refer to the Administration section of topics for specific configuration and integration guides. Additional methods of support are listed below.

Support options


Phone: 949-777-6959 option 2

Support Documentation Searchable Database:

SecureAuth Services Status and Notification Service: