Page Comparison

1

PluginList

4.0

JSON String Array

An array with all the supported logon methods. You can add your own by specifying the appropriate namespace in the plugin list.

2

UseSSL

4.0

Bool

true

Whether or not to force the usage of SSL

3

SSL-Certificate-Data

4.0

Encrypted String

* * * * *

If set, this certificate can be used to sign tokens

4

SSL-Certificate-Password

4.0

Encrypted String

* * * * *

The password to the certificate data if needed

5

SSL-Certificate-Format

4.0

String

“pfx”

The type of the certificate

9

SMS-Provider-Type

4.0

String

"iTsense.CoreLogin2.Server.SmsProviders.LogConsoleSmsProvider,iTsense.CoreLogin2.Server"

or starting from version 8.x

“LogConsoleSmsProvider"

The SMS provider implementation to use for sending SMS messages.

Supported types:

• iTsense.CoreLogin2.Server.SmsProviders.LogConsoleSmsProvider,iTsense.CoreLogin2.Server → LogConsole

• iTsense.CoreLogin2.Server.SmsProviders.AwsSmsProvider → AWS SNS

• iTsense.CoreLogin2.Server.SmsProviders.RestSmsProvider → REST

Or starting from version 8 simply:

• LogConsoleSmsProvider

• RestSmsProvider

• AwsSmsProvider

10

SMS-Provider-Settings

4.0

String

GET

{ 
	"Method": "GetGET",
	"BaseUrl": "httphttps://myRestSmsApi/soap.aspsms.com/aspsmsx.asmx/SimpleTextSMS?UserKey=LZDQT7R7D3&Password=SWn1vQT08UNHBIueL&Recipient={mobilenumber}/&Originator=COS&MessageText={message}",
	"SecurityMethod": "BasicAuthenticationNone",
	"Username": "MyUserName",
	"Password": "MyPw",
	"MobileNumberFormat": "E164",
	"DefaultCountryPrefix": "+41",
	"BodyContent": Zeronull,
	"BodyEncodingCodePage": :65001,
	"BodyMediaType": "text/plain",
	"RestResource": :Zeronull
} 

POST

The settings for the configured SMS provider as documented How-To configure SMS Gateway Service https://itsense.atlassian.net/l/cp/EupyJ6Sq

11

EnableRememberMe

4.0

Bool

true

Whether or not to show the Remember Me button on the authentication page

12

RememberMeDuration in seconds

4.0

Int

2592000

The lifetime of the remember me cookie in seconds

13

LoginCookieExpiration in seconds

4.0

Int

900

The lifetime of the login cookie in seconds

14

LoginCookieExpiration is sliding

4.0

Bool

true

If the login cookie should follow a sliding period and therefore be extended with new requests

15

TOTP-IssuerName

Publisher-IssuerName

4.0

8.0

String

"COS AUTH DEV"

The name stored as as the issuer in TOTP process.

Starting from version 8, this is also used in other places like SMS OTPs and has been renamed to a more generic name → Publisher-IssuerName

16

Enable LoginHistory

4.0

Bool

true

Whether or not to write login history entries upon each login request

17

Block RemoteIp by invalid logon count

4.0

Bool

true

Whether or not to block clients based on their remote IP address after a given amount of invalid logon counts.

18

Max invalid login count

4.0

Int

5

The amount of failed logon counts that will lead to a temporary block of the remote IP.

19

Invalid login remember duration in seconds

4.0

Int

300

How many seconds a remote IP will be blocked after a he was

20

LoginHistory: OnlyLatest

4.0

Bool

true

If set to true only the last login of a user will be logged. If set to false, each login of a user will be logged.

21

Enable Welcome-Page

4.0

Bool

true

Whether or not to show the Welcome-Page on the IDP or to simply return a 404.

22

Enable Console Logger

4.0

Bool

false

Whether or not to enable a console logger

23

Enable DeveloperExceptionPage

4.0

Bool

false

Whether or not to enable the developer exception pages

24

Enable Log4Net

4.0

Bool

true

Whether or not to enable the Log4Net configuration.

25

Backend API URI

4.0

String

"https://localhost:8000/api/"

The URL to the backend API

26

Backend API-HttpClientSettings

4.0

HTTPClient Settings

Any HTTPClients settings for the backend connection if needed.

IgnoreSslErrors: Do not throw an error if the SSL certificate is not valid
UseProxy: Should a proxy be used? (If true and there is no ProxyConfiguration, the default Windows settings will be used)
AllowAutoRedirect: Follow 301 and302 statuscodes?
ProxyConfiguration: Proxy settings

27

ReCaptchaKey

5.0

String

“AD34FAE”

The Google ReCaptcha Key

28

ReCaptchaSecret

5.0

String

“FFFFAD34FAE”

The Google ReCaptcha Secret

29

Verify email address

5.0

Bool

true

Whether or not users need to verify their mail

30

Trusted email address hosts regex

5.0

String

".*(itsense.ch|coreone.ch)"

Domains to exclude from the verify email address process

31

Reverify email address

5.0

Bool

true

Whether or not users need to reverify their mail address on a periodically basis

32

Reverify email address every x days

5.0

Int

90

After how many days of the last verification date users need to reverify their mail address

33

Password complexity configuration

4.0

35

DisablePasswordReset

4.0

36

Default logonmethods allowed during secret reset (EmptyEntry => No Verification)

4.0

37

OutgoingConnectionsHttpClientSettings

5.0

HTTPClient Settings

Any HTTPClients settings for outgoing connections if needed.

IgnoreSslErrors: Do not throw an error if the SSL certificate is not valid
UseProxy: Should a proxy be used? (If true and there is no ProxyConfiguration, the default Windows settings will be used)
AllowAutoRedirect: Follow 301 and302 statuscodes?
ProxyConfiguration: Proxy settings

39

Subject-Prefix

5.0

String

‘c1s’

The prefix for the subject. The subject will always the the prefix + “:” + the unique identifier.

40

ShowTermsAndConditions

5.0

Bool

true

Whether or not the terms and conditions feature is active

41

ShowPrivacyPolicy

5.0

Bool

true

Whether or not the privacy policy feature is active

42

CoreOne Suite Web Url

4.0

44

Contact page feedback URL

4.0

45

Password Generator Type

4.0

46

SamlTimeComparisonTolerance

5.0

Int

47

AwsSnsAccessKeyId

5.0

Encrypted String

* * * *

The AWS SNS Access Key Id

48

AwsSnsAccessKeySecret

5.0

Encrypted String

* * * *

The AWS SNS Access Key Secret

49

SamlRequestTrustLengthInMinutes

5.0

Int

10

The SAML Message Trust Length

50

EnableFireEventInvalidLogin

6.0

Bool

true

Whether or not to fire an invalid login event. You can register to that event an inform users about attempted logins.

51

MaxInvalidLoginCountWithoutFiringEvent

6.0

Int

5

The amount of invalid login attempts that are allowed by the remote IP before an invalid login event is fired.

52

FireEventInvalidLoginCacheDurationInMinutes

6.0

Int

5

How many minutes the invalid login attempts should be cached.

53

DisableReactivation

6.0

Bool

true

Whether or not to disable the reactivation process on the authentication page.

54

DisableActivation

6.0

Bool

true

Whether or not to disable the activation process on the authentication page.

56

HowManyPastPasswordsToStore

6.0

Int

10

In order to provide a password history the authentication service will mark old passwords as deleted. This settings indicates how many of those should be stored.

57

Totp Valdiator Type

4.0

58

SupportedCultures

5.0

JSON String Array

The supported UI languages. You can remove or add entries.

59

DefaultCulture

6.0

String

“DE”

The default culture to use

60

NtpTimeServers

5.0

JSON String Array

By default the Authentication Service uses some predefined NTP servers to do a time sync that is needed for TOTP validation. You can change those defaults here.

61

NistTimeServers

5.0

JSON String Array

By default the Authentication Service uses some predefined NIST servers to do a time sync that is needed for TOTP validation. You can change those defaults here.

62

HttpTimeServers

5.0

JSON String Array

By default the Authentication Service uses some predefined HTTP servers to do a time sync that is needed for TOTP validation. You can change those defaults here.

63

BackendApiUriV2

6.0

String

'https://localhost:8000/apiv2/'

The URL of the backend API V2

100

InstanceRandomBytes

5.0

String

"0EDeH/p/asdfasdf+o="

Random bytes to sign tokens (if not signed with a certificate)

101

SigningCredentialsData

5.0

Encrypted String

* * * *

The credentials to the signing certificate if needed

102

SigningCredentialsFormat

5.0

String

"CertStore"

The format of the signing certificate

103

SigningCredentialsStoreCertificateSubjectDistinguishedName

5.0

String

"CN=coslogin.local, OU=Development, O=ITSENSE AG, L=Aarau, S=AG, C=CH"

The DN of the signing certificate if configured

104

WsFederationPluginLicensee

5.0

Encrypted String

* * * *

The licence information for the plugin

105

WsFederationPluginLicenseKey

5.0

Encrypted String

* * * *

The licence key for the plugin

106

SamlPluginLicensee

5.0

Encrypted String

* * * *

The licence information for the plugin

107

SamlPluginLicenseKey

5.0

Encrypted String

* * * *

The licence key for the plugin

108

EnableInactivityLogout

4.0

110

EnablePortal

4.0

111

OperationalStateCleanupSleepInMinutes

5.8

Int

60

How often the operational state clean up should be performed

112

OperationalStateCleanupOlderThanInMinutes

5.8

Int

720

Data that is older than this value will be cleaned

113

WelcomePageRedirectUrl

7.0

string

https://www.mycompany.com

If the user lands on the Welcome Page of the Authentication Service, he will be redirected to the configured URL automatically

114

Captcha provider name

7.0

string

hcaptcha

You can either use recaptcha or hcaptcha.

https://www.google.com/recaptcha/about/

https://www.hcaptcha.com/