Authentication & Access

Configure the contents related to application security, such as authentication, access control, etc. Select "Authentication & Access" from the Application Settings in the side menu.

Authentication

Sets whether or not authentication is required to use the application.

Required

Since authentication is required to use the application, the sign-in screen will appear first.

Not Required

The sign-in UI is not displayed.

Note

• If [Off] is selected, there are no settings after the sign-up permission.
• After 5 failed sign-in attempts, the user is locked out for 1 second. The lockout period doubles after each failed attempt, up to a maximum of approximately 15 minutes.
• Authentication and external authentication can be configured in combination.

Sign In required to access the app

Set whether to allow users to sign up by themselves when authentication is required to use the application.

Enable

Allow users to sign up for themselves.

Disable

Do not allow users to sign up by themselves. The administrator creates the user.

Note

Multiple applications can be deployed in the execution environment. Authentication is performed by the only authentication module in the execution environment. Therefore, if one of the applications is authenticated, the other applications will also be authenticated. If there is an application that you want only certain users to be able to access, you will need to set up the following access groups. In such cases.

Access Groups

Although multiple applications can run in the execution environment, if you want only specific users to be able to access a particular application, you can create an accessible group and set that group to the application. Enter the group name directly in the "Group" field. To set multiple groups, press the Enter key to set them consecutively. The sum of the users in each group is the list of users who have access to that application. By default, the Global group is set to include all users.

Note

If you want to give access only to specific users, you should replace the Global group with another group.

Allow Multi Factor Authentication

Specify whether or not the application requires multi-factor authentication (MFA) for enhanced security over ID/password authentication.

Required

For users who have not configured multi-factor authentication, the user is directed to the multi-factor authentication settings. When "Make MFA mandatory for all users" is turned on, the user is always directed to the multi-factor authentication settings at sign-in and prompted to enable multi-factor authentication.

Optional

No inducement to set up multi-factor authentication is provided.

Note

• The "enable/disable" setting for multi-factor authentication is retained as user information and is common to all applications in the execution environment.
  Therefore, users with multi-factor authentication enabled will always require multi-factor authentication to sign in to applications in the execution environment.
  Settings cannot be changed on a per-application basis within the execution environment.
• To disable multi-factor authentication, click the Disable button on the MFA Setting screen (Sign In MFA) or reset the password on the Reset Password screen (Reset Password Step 1).
  To re-enable, click the Enable button on the MFA Setting screen (Sign In MFA) and set up multi-factor authentication.

Cookie Expiration Time

Set the cookie expiration time when using the application. The cookie expiration time is the period during which the cookie remains valid after a user signs in.

• You can specify a value from 0 to 7,776,000 seconds.

Show WPNX Sign-in Screen When External Authentication Is Linked

Set whether to show the external IdP sign-in screen directly without going through the WPNX sign-in screen when using the application.

Yes

• Displays the sign-in screen of the authentication UI.

No

• If [No] is selected, the [IdP] field is displayed.
  The IdP sign-in screen configured in the [IdP] field is shown.

Authentication Messages

Set the message content shown in authentication messages. Authentication messages are shown at the top of the screen when using the application.
The following are the default message keys and values.
If neither English nor Japanese is configured, the default message is shown.

Key	Value	Display timing
signInId.next.error.EMPTY_FIELD	Please enter your email.	When the email field is empty
signInId.next.error.USER_NOT_FOUND	Unable to continue with this email. Please try again.	When the entered email value is invalid
signInPassword.signIn.error.PASSWORD_EMPTY	Please enter your password.	When the password field is empty
signInPassword.signIn.error.INCORRECT_USERNAME_OR_PASSWORD	Incorrect email or password.	When the entered password is incorrect
signInPassword.signIn.error.TEMP_PASSWORD_EXPIRED	Your temporary password has expired. An administrator must reset it.	When the temporary password has expired
signInNewPassword.signIn.error.PASSWORD_EMPTY	Please enter your password.	When the new password field is empty
signInNewPassword.signIn.error.PASSWORD_POLICY_TOO_SHORT	Password is too short.	When the new password length does not meet the requirement
signInNewPassword.signIn.error.PASSWORD_POLICY_NEED_LOWER	Password must include lowercase letters.	When the new password does not include a lowercase letter
signInNewPassword.signIn.error.PASSWORD_POLICY_NEED_UPPER	Password must include uppercase letters.	When the new password does not include an uppercase letter
signInNewPassword.signIn.error.PASSWORD_POLICY_NEED_NUMBER	Password must include numbers.	When the new password does not include a number
signInNewPassword.signIn.error.PASSWORD_POLICY_NEED_SYMBOL	Password must include symbols.	When the new password does not include a symbol
signUpForm.createAccount.error.EMAIL_EMPTY	Please enter your email.	When the email field is empty on the sign-up screen
signUpForm.createAccount.error.EMPTY_FIELD	There are required fields that have not been filled in.	When there are empty required fields on the sign-up screen
signUpForm.createAccount.error.TERMS_NOT_ACCEPTED	Please accept the terms & conditions.	When the terms are not accepted on the sign-up screen
signUpForm.createAccount.error.USER_NOT_FOUND	Unable to continue with this email. Please try again.	When the entered email value is invalid on the sign-up screen
signUpForm.createAccount.error.PASSWORD_POLICY_TOO_SHORT	Password is too short.	When the password is too short on the sign-up screen
signUpForm.createAccount.error.PASSWORD_POLICY_NEED_LOWER	Password must include lowercase letters.	When the password does not include a lowercase letter on the sign-up screen
signUpForm.createAccount.error.PASSWORD_POLICY_NEED_UPPER	Password must include uppercase letters.	When the password does not include an uppercase letter on the sign-up screen
signUpForm.createAccount.error.PASSWORD_POLICY_NEED_NUMBER	Password must include numbers.	When the password does not include a number on the sign-up screen
signUpForm.createAccount.error.PASSWORD_POLICY_NEED_SYMBOL	Password must include symbols.	When the password does not include a symbol on the sign-up screen
signUpForm.createAccount.error.PASSWORD_MISMATCH	Password do not match.	When passwords do not match on the sign-up screen
signUpForm.createAccount.error.MAX_USER_LIMIT_REACHED	The maximum number of users has been reached.	When the user limit has been reached on the sign-up screen
signUpVerifyEmail.next.error.EMAIL_OTP_EMPTY_OR_INVALID	Please enter the verification code.	When the verification code is empty or invalid on the sign-up screen
signUpVerifyEmail.next.error.INVALID_VERIFICATION_CODE	Incorrect verification code.	When the verification code is incorrect on the sign-up screen
signUpVerifyEmail.next.success	Sign-up successful. Please sign in.	When sign-up succeeds on the sign-up screen
signUpVerifyEmail.resend.success	The verification code has been resent successfully.	When resending the verification code succeeds on the sign-up screen
mfaSettingStep2.verifyContinue.error.INVALID_CODE	Please enter a valid code.	When a valid code is not entered on the MFA settings screen
mfaSettingStep2.verifyContinue.error.INCORRECT_CODE	Incorrect code.	When the code is incorrect on the MFA settings screen
resetPasswordStep1.sendOtpEmail.error.EMAIL_EMPTY	Please enter your email.	When the email field is empty on the password reset screen
resetPasswordStep2.resetPassword.success	Your password has been reset. Please sign in again.	When password reset succeeds on the password reset screen
resetPasswordStep2.resetPassword.error.FILL_ALL_FIELDS	There are required fields that have not been filled in.	When there are empty required fields on the password reset screen
resetPasswordStep2.resetPassword.error.PASSWORD_MISMATCH	Password do not match.	When passwords do not match on the password reset screen
resetPasswordStep2.resetPassword.error.INVALID_VERIFICATION_CODE	Invalid verification code.	When the entered code is incorrect on the password reset screen
resetPasswordStep2.resetPassword.error.PASSWORD_POLICY_TOO_SHORT	Password is too short.	When the password is too short on the password reset screen
resetPasswordStep2.resetPassword.error.PASSWORD_POLICY_NEED_LOWER	Password must include lowercase letters.	When the password does not include a lowercase letter on the password reset screen
resetPasswordStep2.resetPassword.error.PASSWORD_POLICY_NEED_UPPER	Password must include uppercase letters.	When the password does not include an uppercase letter on the password reset screen
resetPasswordStep2.resetPassword.error.PASSWORD_POLICY_NEED_NUMBER	Password must include numbers.	When the password does not include a number on the password reset screen
resetPasswordStep2.resetPassword.error.PASSWORD_POLICY_NEED_SYMBOL	Password must include symbols.	When the password does not include a symbol on the password reset screen
changePassword.submitResetPassword.success	Your password has been changed. Please sign in.	When password change succeeds on the change password screen
changePassword.submitResetPassword.error.EMPTY_FIELD	There are required fields that have not been filled in.	When there are empty required fields on the change password screen
changePassword.submitResetPassword.error.PASSWORD_MISMATCH	Password do not match.	When passwords do not match on the change password screen
changePassword.submitResetPassword.error.INCORRECT_OLD_PASSWORD	Incorrect old password.	When the old password is incorrect on the change password screen
changePassword.submitResetPassword.error.PASSWORD_POLICY_TOO_SHORT	Password is too short.	When the password is too short on the change password screen
changePassword.submitResetPassword.error.PASSWORD_POLICY_NEED_LOWER	Password must include lowercase letters.	When the password does not include a lowercase letter on the change password screen
changePassword.submitResetPassword.error.PASSWORD_POLICY_NEED_UPPER	Password must include uppercase letters.	When the password does not include an uppercase letter on the change password screen
changePassword.submitResetPassword.error.PASSWORD_POLICY_NEED_NUMBER	Password must include numbers.	When the password does not include a number on the change password screen
changePassword.submitResetPassword.error.PASSWORD_POLICY_NEED_SYMBOL	Password must include symbols.	When the password does not include a symbol on the change password screen
common.error.USER_DONT_HAVE_APP_PERMISSION	You do not have permission to access this application.	When the user does not have permission to access the application
common.error.USER_DONT_HAVE_UI_PERMISSION	You do not have permission to access this page.	When the user does not have permission to access the screen

Note

• If no value is specified for a key, the default message is used.

Top-Level Folders Allowed for Access (Multiple)

You can configure multiple top-level folders that the application is allowed to access.

Enter folder names to allow in slash-delimited format, then press the Enter key to set each value.

Note

• The default value is / (root folder).
• You can configure up to 256 characters in total.