...
| Field | Description | ||
|---|---|---|---|
| General | |||
| Technical Name | Web Application's name in Ubisecure SSO. | ||
| Application Type | The type of this application. | ||
| Web address | The Web Application's IP-address or URL. This field is informative. | ||
| Platform | Web Application platform such as Java, .NET, IIS, Apache or Notes/Domino. This field is informative. | ||
| Template Names | If you have set your own login layout for this Web Application specify the template name here. The corresponding name must be found in the custom/templates.index file. See Login UI customization - SSO for more information on template use.If left blank, a default template is used.Multiple templates can be specified using whitespace as a separator. The first template listed will be used as the default template. Other templates are available to SAML SP applications implementing template request functionality defined in the API. A SAML SP application cannot request an application that is not listed in this whitelist. In versions prior to 6.3, this field is called "UAS JSP Template" and only one template name is permitted. | ||
| Description | Describe the Web Application or service behind it. This field is informative. | ||
| Contact | |||
| This field is informative | |||
| Status | |||
| Enabled | Enable or disable the Web Application | ||
| Authentication Session Timeout | Specify the number of minutes of inactivity after which a user session times out. After the timeout, re-authentication is required. Timeouts are discussed in detail in the Timeout configuration - SSO.The timeout value shown here applies to Ubilogin Web Application integrations using the Ubilogin Ticket Protocol activator file. For SAML SP integrations, this value is indicative only. In both cases, the setting may be overridden in the application or SAML SP settings on the machine where the Web Application is used. These overrides will not be reflected in this value.Note that the value specified for Ubisecure SSO can also override this setting. User session timeout value is determined by the smallest of the following values:
| ||
| Single Sign-out Settings | |||
| ForceReauthentication | Force authentication regardless of existence of the SSO session. Use this to always prevent single Sign On and foce force a new login event before accessing the application. | ||
| Prevent SSO after use | Authentication valid only once. Use this to require a new login event after accessing this application. | ||
| Authorization | |||
| Authorization Policy | Authorization Policies that are used with this Web Application | ||
| Name Mapping | Mappings that are used with this Web Application | ||
| Refresh Token Table (OAuth2 only) | Refresh token table that is used with this Web Application | ||
| ID and Activation | |||
| Web Application ID | Web Application identification information. This value is generated automatically for Web Applications or retrieved automatically from the uploaded SAML2 metadata file. | ||
| Activate Web Application | For Web Application integrations using the Ubilogin Ticket Protocol, this button will activate the Web Application and generate a Web Application Activator file. The Web Application Activator file must be transferred securely to the target service. For SAML SP integrations using the SAML2 protocol, this button will activate the Web Application as a SAML SP and enable uploading of the SAML SP metadata. SAML SP metadata can also be copy and pasted into the form which opens after pressing this button. | ||
| Compatibility (Not for Ubilogin Web Agent) | |||
| Application Compatibility Flags |
| ||
| Redirect URI validation policy (OAuth2 and Tupas only) | Specifies the policy on how the redirect URI passed in an authentication request (redirect_uri in OAuth2 and A01Y_RETLINK/A01Y_REJLINK/A01Y_CANLINK in Tupas) are validated against the pre-registered URIs of the client (redirect_uri/redirect_uris in the client metadata in OAuth2 and Tupas).
| ||
...