About the Internal Application Manager

In the SecureAuth® Identity Platform, the Internal Application Manager is a tool that allows you to add an internal application integration and attach a user authentication policy. Some examples of internal applications are the Secure Portal, Password Reset, Help Desk pages, and OIDC integrations.

This is not to be confused with the Application Manager, which contains templates for third-party SAML application integrations.

You might have a use case to set up an internal application like the Password Reset page. Or, as a current SecureAuth customer who upgraded to this product release, you have legacy realms created in the Classic Experience. And you want the ability to connect those realms with user authentication policies from the New Experience UI. This where the Internal Application Manager comes in.

In the following sections, learn more about internal application use cases.

You're new to the Identity Platform product. You have a business use case for the Secure Portal, Password Reset, Help Desk pages, and OIDC integrations.

For example, you want a Secure Portal for your end users to access and enroll applications like Office 365, Salesforce, and Slack. We'll use the Internal Application Manager to set up and configure a Secure Portal page.

The following is a brief overview of the process. At the end of this section is a link to detailed configuration steps.

Set up authentication policy

Set up user authentication policy for the login experience.

Add new internal application

Add a new internal application like Secure Portal, with a data store and authentication policy.

The available internal application options are:

  • Custom Redirect

    • Custom Redirect

  • Identity Management (IdM)

    • Account Management

    • Forgot Username

    • Password Reset

    • Secure Portal

    • Self-Service Account Update

    • Create User

  • Certficate Based

    • Create PFX (iPhone + VM)

    • Create PFX Link (ASA)

    • Create PFX Auto Link (Citrix Receiver)

    • Native Mode Cert Landing Page

  • Microsoft/WS-*

    • Create OWA 2010 Token

    • Create SharePoint 2010 Claim

    • Create Windows Live@Edu Token

    • Microsoft Forms Based Authentication Token

  • Generic (HTTP / OAuth / OpenID / etc)

    • Basic Authentication

    • Submit Form Post

    • Multi-factor App Enrollment - QR

    • Multi-factor App Enrollment - URL

    • OpenID Connect / OAuth2

    • User Handler Web Service

  • 3rd Party Application Integrations

    • F5 BigIP

    • PDP Configuration

    • Siteminder Session Token

    • WebSphere via Post

    • YubiKey Provisioning

  • Mobile

    • Mobile Native App Launch

    • Android Transition

    • iOS Google Apps Provision

    • iOS Exchange Provision

Configure internal application in the Classic Experience

To complete the configuration, click the link on the internal application page; it takes you to the Post Authentication tab in the Classic Experience.

For example, if you selected Secure Portal as the internal application, you'll need to configure the Secure Portal page settings on the Post Authentication tab in the Classic Experience.

Result

End users get the new login experience when they log in to the URL set by the internal application.

Detailed set up procedure

To add an internal application, see Setting up an internal application.

You've upgraded to the latest release of the Identity Platform product. You have a business use case for the Secure Portal, Password Reset, Help Desk pages, and OIDC integrations.

For example, you want a Secure Portal for your end users to access and enroll applications like Office 365, Salesforce, and Slack. We'll use the Internal Application Manager to set up and configure a Secure Portal page.

The following is a brief overview of the process. At the end of this section is a link to detailed configuration steps.

Set up authentication policy

Set up user authentication policy for the login experience.

Add new internal application

Add a new internal application like Secure Portal, with a data store and authentication policy.

The available internal application options are:

  • Custom Redirect

    • Custom Redirect

  • Identity Management (IdM)

    • Account Management

    • Forgot Username

    • Password Reset

    • Secure Portal

    • Self-Service Account Update

    • Create User

  • Certficate Based

    • Create PFX (iPhone + VM)

    • Create PFX Link (ASA)

    • Create PFX Auto Link (Citrix Receiver)

    • Native Mode Cert Landing Page

  • Microsoft/WS-*

    • Create OWA 2010 Token

    • Create SharePoint 2010 Claim

    • Create Windows Live@Edu Token

    • Microsoft Forms Based Authentication Token

  • Generic (HTTP / OAuth / OpenID / etc)

    • Basic Authentication

    • Submit Form Post

    • Multi-factor App Enrollment - QR

    • Multi-factor App Enrollment - URL

    • OpenID Connect / OAuth2

    • User Handler Web Service

  • 3rd Party Application Integrations

    • F5 BigIP

    • PDP Configuration

    • Siteminder Session Token

    • WebSphere via Post

    • YubiKey Provisioning

  • Mobile

    • Mobile Native App Launch

    • Android Transition

    • iOS Google Apps Provision

    • iOS Exchange Provision

Configure internal application in the Classic Experience

To complete the configuration, click the link on the internal application page; it takes you to the Post Authentication tab in the Classic Experience.

For example, if you selected Secure Portal as the internal application, you'll need to configure the Secure Portal page settings on the Post Authentication tab in the Classic Experience.

Result

End users get the new login experience when they log in to the URL set by the internal application.

Detailed set up procedure

To add an internal application, see Setting up an internal application.

You have a legacy application created in the Classic Experience, like the Secure Portal, Password Reset, Help Desk pages, and OIDC integrations.

Upgrade to the latest version of the Identity Platform and use the Internal Application Manager to implement a user authentication policy from the New Experience UI to a legacy application.

For example, you have legacy application set up for the Password Reset page; it was created in the Classic Experience. We're going to create a new internal application with an authentication policy in the New Experience UI. Then, you're going to configure a redirect from the legacy URL to the new URL so that you can continue to use the legacy login URL.

The following is a brief overview of the process. At the end of this section is a link to detailed configuration steps.

Set up authentication policy

Set up user authentication policy for the login experience.

Take notes on legacy realm settings

Make a note of the legacy realm settings that were created in the Classic Experience, like data store connections (Data tab) and authenticated user redirect page settings (Post Authentication tab).

For example, on the Post Authentication tab, you have the Authenticated User Redirect field set to Password Reset.

You'll want to duplicate the same data store and target application page settings (like Password Reset) in the new internal application.

Add new internal application

Add a new internal application like Password Reset with a data store and authentication policy.

From the new internal application you just created, copy the new realm name, like Secureauth256.

The available internal application options are:

  • Custom Redirect

    • Custom Redirect

  • Identity Management (IdM)

    • Account Management

    • Forgot Username

    • Password Reset

    • Secure Portal

    • Self-Service Account Update

    • Create User

  • Certficate Based

    • Create PFX (iPhone + VM)

    • Create PFX Link (ASA)

    • Create PFX Auto Link (Citrix Receiver)

    • Native Mode Cert Landing Page

  • Microsoft/WS-*

    • Create OWA 2010 Token

    • Create SharePoint 2010 Claim

    • Create Windows Live@Edu Token

    • Microsoft Forms Based Authentication Token

  • Generic (HTTP / OAuth / OpenID / etc)

    • Basic Authentication

    • Submit Form Post

    • Multi-factor App Enrollment - QR

    • Multi-factor App Enrollment - URL

    • OpenID Connect / OAuth2

    • User Handler Web Service

  • 3rd Party Application Integrations

    • F5 BigIP

    • PDP Configuration

    • Siteminder Session Token

    • WebSphere via Post

    • YubiKey Provisioning

  • Mobile

    • Mobile Native App Launch

    • Android Transition

    • iOS Google Apps Provision

    • iOS Exchange Provision

Configure internal application in the Classic Experience

To complete the configuration, click the link on the internal application page; it takes you to the Post Authentication tab in the Classic Experience.

For example, if you selected Secure Portal as the internal application, you'll need to configure the Secure Portal page settings on the Post Authentication tab in the Classic Experience.

Redirect the legacy realm URL to the new realm

Use the procedure in Redirect legacy realm URL for internal applications.

Result

End users get the new login experience when they log in to the legacy URL.

Detailed set up procedure

To use an authentication policy from the new UI and connect it to a legacy realm, see Connecting a legacy internal application and Redirect legacy realm URL for internal applications.