OpenID Connect authentication instance
This manual lists all the configurations that the S-Filer Portal's Configuration CLI can change about the OpenID Connect authentication instance.
| Configuration key | Description | Default value |
|---|---|---|
| cfg. | The Base URL used in mail notifications for users in this domain. As an example, this allows setting a different URL for employees and partners, assuming they are in different domains and there are multiple web interfaces configured. | https://localhost/sfiler/ |
| cfg. | Select « Yes » to enable this authentication mechanism. Remember to turn on the multi-domain feature in the Web GUI configuration to be able to use it in the web interface. | false |
| cfg. | If auto enrollment is true, the authentication for an unknown user account will be attempted and if it succeeds, the user account will be created in S-Filer. If it is set to false the authentication for an unknown user account won't be attempted, this will avoid locking AD/LDAP accounts that are not defined in the adoption policy. | true |
| cfg. | This is the default role assigned to a user who is created in this domain (by adoption or auto enrollment). | 0 |
| cfg. | Select « Yes » to force all users in this domain to use multi-factor authentication (MFA). A user trying to login will be forced to configure its MFA if he has not already done so. | false |
| cfg. | Client identifier used to authenticate with the OpenID Connect provider. For more details on this configuration, consult the OpenID Connect Configuration Guide. | |
| cfg. | Client secret used to authenticate with the OpenID Connect provider. For more details on this configuration, consult the OpenID Connect Configuration Guide. | |
| cfg. | The identity provider you choose will determine the logo and the name that will be displayed in the S-Filer Web Interface login screen. If your identity provider is not in the list, select "Other" and specify its display name in the "Identity provider display name" parameter. | |
| cfg. | The name of the file containing the custom logo that will be displayed in the S-Filer Web Interface login screen. It is only used when selecting "Other" in the "Identity provider" parameter since all other providers in the list have a fixed logo. This file must be placed in the client theme of the S-Filer Web Interface (consult the OpenID Connect configuration guide for details). | |
| cfg. | The name of the identity provider that will be displayed in the S-Filer Web Interface login screen. It is only used when selecting "Other" in the "Identity provider" parameter since all other providers in the list have a fixed display name. | |
| cfg. | This URL is used to retrieve the metadata of the OpenID Connect provider. For more details on this configuration, consult the OpenID Connect Configuration Guide. | |
| cfg. | Whether accounts in this authentication domain are case sensitive or not. (Example: In Windows, accounts are NOT case sensitive. User 'test' is equivalent to user 'TEST'.) | true |