User Profiles
Overview
Whenever a user logs in to HySecure gateway, a profile gets created for him and which can be managed by the administrator. The list of profiles can be viewed in the User Profiles page under AUTH MANAGEMENT. As part of the profile management, following actions can be performed by the Administrator
-
Add a user profile for a user which is not available. Tokens can then be assigned to the user.
-
Lock the user so that s/he cannot log on to the HySecure
-
Unlock the user if s/he was either locked by the Administrator or was locked out due to password failed attempts
-
Delete the profile so that ???
-
View the Profile Details and eventually perform either of the following activities on the user
-
Activate / De-activate the mobile token
-
Assign / Un-assign hardware token
-
Reset user password. As a reult, user would need to login with ??? password
-
Generate offline OTP on behalf of the user
-
User Profile List
To get the existing list of local users, perform the following steps:
- Open the Management console and expand AUTH MANAGEMENT
- Select User Profiles from the sub menu
- All the user profiles be visible on this page in a tabular manner with the following information of each user profile:
| # | Field | Description |
|---|---|---|
| 1. | Status | This indicates the status of the profile as locked or unlocked. Locked profile is indicated by a blue tick icon and an unlocked profile is indicated by a red cross icon. |
| 2. | User ID | This is the id of the user with which s/he would login to HySecure |
| 3. | Display Name | This is the full display name of the user |
| 4. | Realm Name | This represents the HySecure Domain to which the user connects to, while logging in to HySecure |
| 5. | Authentication Domain | This represents the Authentication domain attached to the HySecure Domain, to which the user connects to. The user is authenticated from the Authentication server configured in this Authentication Domain |
| 6. | Authentication Server | This is the Authentication Server from which the user is authenticated |
| 7. | Authentication failed attempts |
Search User Profiles
In case there are a large number of user profiles, the administrator can filter or search a particular profile based on any one of the following fields:
- Profile Status
- User Name
- Display Name
- Authentication Domain
- Authentication Server
- Authentication Failed Attempts
The field on which the list is to be filtered can be selected in the "Search Filter" drop down list. The search values can then be specified in the "Search User" text box. On clicking the "Show" button, the filtered list will get displayed.
In case of Search Filter being "Profile Status", the Search Profile option can be selected as either "Locked Profile" or "Unlocked Profile".
Exporting User Profiles List
On the User Profiles page, click on Export Profiles List on top right of the page. The list of User Profiles will be exported and downloaded in a csv format.
Add User
On the User Profiles page, click on the Add User button to create a user profile and provide the following information and click on Submit button. Adding the user profile manually helps the administrator assign tokens to the user.
| Field | Description |
|---|---|
| Select HySecure Domain | Select the Hysecure Domain to which the user would log on to |
| Select Authorization Server | Select The Authorization Server created as part of the Authentication Domain which is assigned to the HySecure Domain. The user will be authorized against this Authorization server |
| Select Users | The users from the selected authorization server will be listed in the user list. Select the user for whom the profile needs to be created and click on the "Add" button |
Click Submit to create user profile or click Reset to clear the data entered in the fields. A success message confirms that the user profile has been created.
Unlock User
On the User Profiles page, select the user which needs to be unlocked. Click the "Unlock" button. On confirming, the user will get unlocked and will be able to log in to HySecure again.
Lock User
On the User Profiles page, select the user which needs to be locked. Click the "Lock" button. On confirming, the user will get locked and will not be able to log in to HySecure.
Deleting User
On the User Profiles page, select the user prpofile which needs to be deleted and click on the Delete button. On confirmation, the user profile will be deleted.
Listing Profile Details
On the User Profiles page, select the user whose profile details need to be viewed. Click on the "Profile Details" button.
Basic Info
| # | Field | Description |
|---|---|---|
| 1 | User ID | This lists the user ID with which the user logs in to HySecure. |
| 2 | Authentication Domain | This lists the Authentication Domain used for authenticating the user and authorizing the user for the needed access |
| 3 | Authentication Server | This is the specific Authentication Server configured in the Authentication Domain, which gets used for authenticating the user |
| 4 | Authorization Server | This is the specific Authorization Server configured in the Authentication Domain, which gets used for authorizing the user for the needed access |
| 5 | Alternate Mobile | This is the alternate mobile number for ??? |
| 6 | Alternate Email | This is the alternate email for ??? |
| 7 | First Login Time | |
| 8 | Last Login Time |
Tokens
| # | Field | Description |
|---|---|---|
| 1 | Mobile Token | MobileToken can be activated for the user by clicking on the "Activate" link. A QR code and manual code will be displayed which needs to be scanned while adding an account in the HyID app from the Play Store. A 6-digit code will be generated on the app which will need to be entered in the "HyID Passcode" mentioned here and clicking on the "Verify" button. The mobile token will thus get registered for the user. Please refer next steps immediately after this table to use Mobile Tokens |
| 2 | Hardware Token | If a hardware token has not been assigned, a link to "Assign" will be enabled to assign a hardware token to this user profile for using it as a 2nd factor of authentication. On clicking "Assign", the hardware token can be registered for the user. Following dialog will pop up indicating: User Name: Name of the user for whom the token needs to be assigned Authentication Domain: The authentication domain through which the user is authenticated Select a serial number for user profile: Select the serial number of the imported hardware tokens which needs to be assigned to this user.  |
Using Mobile Tokens
If administrator assigns HyID mobile token to end user. Then open and try to login using web portal. Select Mobile token and click on link called "Registered Mobile Token".
Now user needs to select email or SMS OTP. Then OTP will be sending to user's email id or mobile number. Next screen user needs to enter received OTP and click on next button to get mobile token registration code/QR code.
User should download HyID software from google app play or iOS apps store. Using this HyID app user need to scan QR code or manually enter registration number. Once token is configured then user can verify the token using this portal also.
Reset Password
Click on the link to reset the user's password
Offline OTP
Click on the link to generate offilne OTP on behalf of the user.