Configure security settings for Clients
In the Management Portal at Setup > Clients, configure security settings for Mobile and Windows Clients.
Mobile Clients
With the Mobile Client, mobile employees can view, request and manage corporate applications and services from their iOS or Android mobile device. Managers can easily use the Mobile Client to approve requests for services and order relevant services on behalf of employees.
Users can secure access to the Identity Director app with a PIN code. In the Management Portal, you can make usage of this PIN code mandatory. Alternatively, you can force users to provide their credentials when they start their app. This helps you to prevent scenarios in which unauthorized people have access to your environment if a mobile phone or tablet is lost or stolen.
Users can download the Mobile Client from the Apple App Store (iOS) and Google Play Store (Android), where they can find the app as Identity Director.
Item | Explanation and Tips |
---|---|
Remember sign in settings |
Enable this option to allow users to save their credentials, so they do not have to provide them each time they start the Identity Director app. This shows the Remember me option on the sign-in page of the app. |
Force PIN validation when signing in | Enable this option to force users to provide a PIN code when they start the app. This overrules the Remember me option on the sign-in page of the app.
|
Allow biometric identification | Enable this option to allow identification using fingerprint sensors, face recognition (etc.) in the Mobile Client. |
Inform users about Mobile Clients on Web Portal sign-in page |
You can promote the usage of the Mobile Client on the sign-in page of the Web Portal.
|
Windows Clients
The Windows client can display messages, facilitate the Password Reset and Unlock Account features, and give access to the Web Portal.
Item | Explanation and Tips |
---|---|
Remember sign in settings |
Enable this option to allow users to save their credentials, so they do not have to provide them each time they logon to their computer. This unlocks the Remember me option on the sign-in message of the client. |
Require password entry after | Users must enter their password after the selected number of days. |
Require password entry if user has been inactive for | Users must enter their password after they did not use the Windows client for the selected number of days. This is also the case if the interval for Require password entry after has not yet expired. |
Web Portal shared access policy |
The keys listed here are used to secure communications between the Windows Clients and the Web Portal. Both the Primary Key and the Secondary Key can be used, but only one can be used on a client. Example of using primary and secondary keys
If the primary key is compromised for any reason:
Configuration during installation of the clients Use the public property WEBPORTALSHAREDACCESSKEY Configuration of already installed clients Use the following command line on every machine running the Windows client: |
Privacy Policy
The Privacy Policy notification can help you make the Web Portal and Mobile Client GDPR-compliant, by displaying a cookie notification and a link to a Privacy Policy.
Please consult with the legal department of your organization, if displaying the notification is necessary.
The notification will appear only at the first visit, unless cookies are removed or not stored.
Item | Explanation and Tips |
---|---|
Enabled |
Enable the notification. By default, it is disabled. |
Title | The title that is displayed in the notification. |
Policy URL | The URL to the Privacy Policy. The notification contains a button that uses this URL. By default, the URL will link to the Ivanti Privacy Policy |
Message |
The message that is displayed in the notification. |
The styling options allow you to create the appropriate look for he notification.
You can restore the fields in the table above to their default values by using .
Translations (Privacy Policy only)
Use the Translations tab to view the set of supported languages, and to export and import service properties file (RESX) for each supported language.
This tab is only available if you have enabled translations at Setup > Translations.
Configuration
Field | Explanation and Tips |
---|---|
Default language | The language that has been set as default at Setup > Translations Click to export the RESX of the default language and use it as the basis of translations for the other supported languages. |
Other supported language(s) | List of other languages that have been enabled at Setup > Translations.
|
The name of the exported RESX file has the format <name>_<language_abbreviation>.resx.