If you want to customize how users log into Web Port, you can adjust the authentication settings. This includes the ability to see their profile, change the language, and designate a particular group as an Obligatory Group for login. Non-admin users must be assigned to this group to be able to log in. This setting is valid with or without Kiona Identity.
Additionally, you can choose whether an Active Directory user should be created in Web Port during their first login. By default, users can log in with an HTML form and will be automatically logged out after 10 minutes.
The following login options are available:
| Option: | Description: |
| Auto logout | Users will automatically be logged out when inactive after set minutes. |
| Show user profile | Show or hide user profile under preferences in top right corner. |
| Option: | Description: |
| FORM | Login via HTML form (default) |
| BASIC | Login via Basic Authentication, requires Enable BASIC to be selected |
| NTLM | Login via NTLM, requires Enable NTLM to be selected |
| KIONA ID | Login via Kiona Identity / Single Sign-On (SSO) |
It is possible to set a default login method and override it via URL. The following URLs correspond to each login type:
| Option: | Description: |
| FORM | http://serveraddress/access/login |
| BASIC | http://serveraddress/access/loginbasic |
| NTLM | http://serveraddress/access/loginntlm |
Information:
To use BASIC authentication, the Enable BASIC check box must be selected.
Information:
To use NTLM, the Enable NTLM check box must be selected.
Information:
When NTLM is used, users defined in AD are used. Access to Web Port is then controlled by creating matching groups in AD and Web Port, and then permissions are indicated on each group in Web Port.
Tip!
NTLM can be used for Single Sign-On (SSO) when both client and server are connected to the same Active Directory. For full SSO, consider using Kiona Identity.
NOTE!
For Cloud customers, Kiona Identity is always enabled.
Password complexity
You can enable password complexity settings to enforce stronger password requirements. By default, this feature is disabled.
Configuration Options:
- Minimum Password Length: Specify the minimum number of characters a password must contain.
Character Requirements:
- Use uppercase letters (e.g. ABC)
- Use lowercase letters (e.g. abc)
- Use digits (e.g. 123)
- Use special characters (e.g. !#%)
When a criterion is enabled, users must include that type of character in their passwords. If a criterion is not enabled, users can still include those characters, but they are not mandatory.
Please note that activating password complexity does not affect already set passwords, and will not automatically force users to change their password.
Info
After more than five consecutive failed login attempts, the user's account will be locked for 20 minutes. A successful login resets the counter. This lock does not apply when logging in from localhost, i.e., on the machine where the Web Port server is installed.
API-settings
There are also settings for API login to Web Port.
Token lifetime (days) indicates for how long a login token is valid.
Max API-tokens per user indicates how many concurrent API tokens a user can have.
If the number is exceeded, the oldest valid token will be removed.
Tip!
It is possible to transmit username and password in the URL to log on to Web Port without needing to manually enter the credentials.
Example:
http://webportaddress:port/access/login?usr=USER&pwd=PASSWORD