Sign In Setting
Auto Redirect Options
Auto Redirect to Application:
Enable this option if you want to force the authentication of all the users to be done through SSO and not allow the users to login through the Login Page using their local credentials. However, you can set an auto-redirect delay.
Let us consider Keycloak as IdP, when the user tries to access the login page of the application, he will be redirected to the Keycloak login page, and after successful login, he will be redirected to the page he started off.
If this option is disabled then by default the user can see both the login page as well as the SSO Button.
Enable AutoRedirect Delay
If you have just one IdP set as default IdP in the Redirection Rules, the user is redirected to SSO as soon as he accesses the application. To add a delay here, you can enable this option. In this case, a progress bar will be shown on the login page which will allow users to cancel redirection and use application credentials to log in.
Enable Backdoor Login
Enable Backdoor Login will allow you to use a backdoor URL in case of an emergency. You can even restrict access to backdoor URLs for specific groups using Restrict Backdoor URL Access.
Restrict Backdoor URL Access
You can Restrict the Backdoor URL to certain groups in the application. When you enable this option, you’ll be asked to enter the groups to whom backdoor access should be provided. Now, when a user tries to access the backdoor URL, he’ll be asked for his username first and if that username belongs to the configured group, only then will he be able to use the login page.
Backdoor/Emergency URL
Backdoor/Emergency URL allows users to access Software with their local credentials and will be useful when a provider is not available. In case you get locked out, you can enable the backdoor login using API request
You can customize the Backdoor URL by clicking on the edit button beside it and entering new parameter values.
Relay State URL
Enter the absolute URL where you want to redirect the user after SSO. Keep empty to redirect users to the same URL they started with.
Domain Restriction
Use Domain Restriction to allow login to only a specific set of users. You can configure multiple domains (semicolon-separated).
Administrator Login
Secure Admin Login
Secure Admin Login Option can be enabled to ensure the admins will also log in via SSO.