Documentation

Table of Contents


Other Resources


The Identity Management (IdM) tool contains the Self-service Account Update page function to allow end users to change their own user profiles. 

The Self-service Account Update page contains various self-service features to manage their profiles:

  • Add new user information (for example, mobile number and personal email address)
  • Update user information (for example, new home address and last name change)
  • Update multi-factor authentication (MFA) information
  • Set PIN
  • Select knowledge-based questions (KBQs)
  • Reset device recognition information
  • Revoke devices and browsers provisioned for time-based passcode generation, push notifications, and push-to-accept login requests

The data store for your organization receives the user profile updates made on the Self-service Account Update page. This depends on the configured data store write permissions. And it reduces directory management time and costs.

Prerequisites

  • Data store with service account write privileges to add and change user information
  • A realm for the Account Management page function with the following tabs configured before setting up the Post Authentication tab: 


Identity Platform configuration

  1. Go to the Post Authentication tab.
  2. In the Post Authentication section, set the following configuration. 

    Authenticated User Redirect Set to Self Service Account Update
    Redirect ToThis field is autopopulated with the post authentication .aspx page. This is appended to the domain name and realm number in the web address bar. For example, Authorized/AuthorizedAccountUpdate.aspx. 

  3. In the User ID Mapping section, set the type of User ID to assert in the Self-service Account Update page. This is usually the Authenticated User ID
  4. Click Save
  5. In the Identity Management section, to configure the functions of the Self-service Account Update page, click the Configure self service page link. 
  6. In the Self Service section, set the user field (and its settings) you want to appear on the Self-service Account Update page. The SecureAuth Field corresponds to the Profile Properties in the Data tab. 
    For most field settings, use the following Display Type, while others are self-explanatory:

    • Hide – Do not show the SecureAuth Field on the Self-service Account Update page. 
    • Show Disabled – Show the SecureAuth Field on the Self-service Account Update page. User cannot edit this field.
    • Show Enabled – Show the SecureAuth Field on the Self-service Account Update page. User can edit this field.
    • Show Required – Show the SecureAuth Field on the Self-service Account Update page. Require user to edit information in this field.  

      In the Regular Expression field, you can limit the type of information in the field users can enter on the self-service page. For more information, see the knowledge base article Restrict allowed information in employee self-service page

  7. Save your changes. 


Optional configurations for token or cookie settings and SSO

In the Forms Auth/SSO Token section, you can optionally configure the token or cookie settings, and single-sign on (SSO) for this realm.

To configure token or cookie settings, see Configure token or cookie settings.

To configure this realm for SSO, see SecureAuth IdP single sign-on configuration.

To configure this realm for Windows Desktop SSO, see Windows desktop SSO configuration

  • No labels