Configure Sign-In Settings

In this tutorial you will learn how to customize the Common Sign In page for Adaxes Web Interface, configure logon options (SAML-based single sign-on, integrated Windows authentication), modify brute force protection settings, and other options related to sign-in.

Common Sign In

Adaxes Web Interface provides a common sign-in page that enables users to log in to different Web Interfaces from a single place. The feature can be configured to either allow users to manually select the Web Interface they want to use, or automatically redirect them to a Web Interface based on the rules you define.

By default, the Common Sign In page allows users to select themselves the Web Interface they want to log in to. You can configure which Web Interfaces are available for selection and specify the Web Interface to select default.

Alternatively you can enable automatic selection of Web Interfaces. When enabled, users cannot select a Web Interface, and get automatically redirected based on if/else rules. For example, if a user is a member of the Administrators group, they can be automatically redirected to the Web Interface for Administrators.

  • Open Adaxes Web Interface Configurator.
  • Select Common Sign In in the drop-down list located at the top left corner.
  • Configure the settings in the Target Web Interface Selection section.
  • Save the changes.

If you don't want the Common Sign In page to be available to users, you can disable the Common Sign In feature.

  • Open Adaxes Web Interface Configurator.
  • In the drop-down list located at the top left corner, select Manage Configurations.
  • In the dialog that opens, clear the checkbox for Common Sign-In.
  • Click OK and save the changes.

Sign In Settings

In this part of the tutorial you will learn how to:

  • Enable two-factor authentication for the Username/Password form authentication.
  • Enable automatic logon or SAML-based single sign-on for the Web Interface.
  • Customize brute force protection settings.
  • Allow users to enter their usernames without the domain part when logging in to the Web Interface.
    Example: jsmith instead of DOMAINNAME\jsmith.
  • Allow users to use a specific property of their account as login name.
    For example, you can allow users to use their email address or Employee ID as username.
  • Embed custom HTML code to the Sign-In page.

To configure options related to the Sign-In page of the Web Interface:

  1. Open Adaxes Web Interface Configurator.

    • On a computer, where Web Interface Configurator is installed, open the Start menu.
    • On the Start menu, select Adaxes Web Interface Configurator.

    The permissions to configure the Web Interface are delegated via Security Roles. By default, only Service Administrators have the appropriate rights. To enable other users to configure the Web Interface, grant them the corresponding permissions.

    • In Adaxes Administration Console, right-click your Adaxes service, point to New and click Security Role.
    • Enter a name for the new Security Role and click Next.
    • On the Permissions page, click the arrow inside the Add button and select Configure Web Interface.
    • Click Next and follow the steps in the wizard.
  2. In the top left corner, select the Web Interface you want to customize.

    By default, all Web Interfaces use the Sign In settings of the Common Sign In page. If you want a particular Web Interface to have different settings, select it in the list. Otherwise, select Common Sign In.

  3. In the left navigation menu, click Sign In.

  4. To enable two-factor authentication:

    • Select the Username/password form authentication option.
    • Check the Enable two-factor authentication checkbox.
    • Select the authenticator app you want to use.

    After two-factor authentication is enabled, users will need to install the app on their device and activate it upon the first login to the Web Interface. During subsequent logins, they will be prompted to enter a code generated by the app to sign in.

    If a user loses their mobile device or gets a new one, they will need to re-activate the authenticator app on the new device. For details on how to do it, see Reset authenticator app.

  5. To enable single sign-on for the Web Interface you can use either Integrated Windows Authentication or SAML authentication.

    Auto-login (Integrated Windows authentication)

    If automatic logon is enabled, users will not need to enter their username and password to sign in, and the Web Interface will use Kerberos/NTLM for authentication. It means that all users will be signed in using the same account used to log in to Windows.

    Single sign-on (SSO) using SAML

    If SAML authentication is enabled, the Web Interface will send a request to an external identity provider (Okta, OneLogin, Azure AD, etc.) to authenticate the user. If a user is already authenticated against the provider, they will be automatically logged in to the Web Interface without any authentication process. For details on how to configure SAML authentication settings, see Enable SAML-Based Single Sign-On.

  6. To enable protection against brute force attacks, select the Brute Force Protection option.

    For details on how to configure brute force protection, see Prevent Brute Force Attacks.

  7. In the Username section, configure settings related to the Username field.

  8. In the Page Customization section, you can customize the top and bottom parts of the Sign In page.

  9. Save the changes.

Open tutorial filtering

Got questions?
Support Questions & Answers