Branding
In SecureAuth CIAM Platform you can brand web pages and messages in order to display a united image of your brand to your developers, users, partners, and more. Additionally, paid customers can leverage custom (vanity) domains to expose their tenants under a different URL.
UI Customization and Branding
Configure the look and feel of the SecureAuth platform components such as login pages, consent pages, user portals, and more.
As an SecureAuth administrator, you get a dedicated view where you can set up specific graphical items or create Themes and see the instant demo of the input you provide as the UI settings.
There are 2 ways to brand web pages and messages:
|
| ||
Edit logos, fonts, colors for Web Pages: Login Pages, Consent Pages, MFA pages, Error Pages, User Portal, and Developer Portal | Edit the HTML code of all SecureAuth components -- both Web Pages and Messages (Email and Text) | ||
In a workspace, you can configure the appearance of co | Found in Tenant Settings | ||
Tenant Wide | A theme can be applied to multiple workspaces |
Branding Using Themes
With Themes, you can modify any web page and message template to match your needs. Any content can be modified. You can modify, for example, the login page, consent page, email sent to users asking for account activation, and more.
You can create Theme without applying it into any workspace first and play around with it. You will see in the Preview screen how it would look like in action. Once you feel you have all you need to can create test workspace and apply the Theme to it and test it live. Once you verify all is working fine, it's time to assign the Theme to your production workspace. Once you want to make a change to such Theme just duplicate it on UI, test it, and apply new version to your workspaces.
With Themes you can achieve the following advantages:
Completely style the page branding so that it matches the rest of your website that SecureAuth provides identity capabilities for.
Include the correct privacy statements for all customers.
Apply individual styling for all customers and de-couple it from SecureAuth's own branding.
Change email and text messages to match your branding
Themes consumed by SecureAuth are Golang-based HTML templates, so you're going to need an understanding of this technology in order to modify them. The SecureAuth theme is a system theme and cannot be changed. When ready, themes can be bound to one or many workspaces.
There are two main sections of Themes to customize:
Custom (Vanity) Domains
Organizations can forward the users from a custom (vanity) domain to the original SecureAuth domain. With SecureAuth, you can expose your tenant on a custom domain that is, for example, easier to remember, simplified, or is set to follow your branding.
For example, a company called ACME wants to expose their SecureAuth tenant under a different domain. So far, the employees could access it under the acme.us.authz.secureauth.io/acme domain. To simplify the domain, the ACME company decides to expose their tenant under a custom (vanity) domain called acme.example.com.
There are two ways to configure vanity domains:
Vanity domain behind a customer-managed web application firewall (WAF) / content delivery network (CDN) / proxy.
Vanity domain directly served by SecureAuth
Feature availability
If your organization wants to use custom domains, contact SecureAuth Sales Team.
Vanity Domain Traffic Flow
Custom Domains with WAF / CDN / Custom proxy
In this setup, customer has an existing WAF or similar solution that acts as a reverse proxy. WAF is responsible for handling the TLS certificate. Configure WAF/CDN/Custom Proxy.
Direct Custom Domain Setup
In this setup, SecureAuth serves the vanity domain directly. Used by organizations which do not have a proxy infrastructure (vanity proxy) and own only a company domain through any DNS registrar. Traffic translation from a vanity domain to a tenant domain is handled on the SecureAuth infrastructure.
In the direct setup, there is a custom Ingress specifically created for the vanity domain. To make this work with vanity domains, you have to set up a CNAME record pointing to the SecureAuth's custom ingress. Learn more.