System tab
The System tab is responsible for general system configurations. It allows configuring essential settings before starting to work with the system and its other functions.
The description of fields in this tab is given in the table below.
| Field | Description |
|---|---|
| Audit Log Batch Size | Determines the number of log recordings displayed in a log viewer. |
| Default Managed System | Sets the default managed system. |
| Helpdesk Protected Role | Choose a managed system and the role(s) in it that will be asked security questions, which end users will answer by phone. |
| Is Create Request Categories Authorization Disabled | Since v4.1.8, users should be authorized to see categories. If set to 'true' (default), the old behavior is expected, i.e., all categories will be visible. Otherwise, users will see categories that they are authorized to. The common OpenIAM RBAC approach is used to define user access. |
| Is OAuth Client Authorization Disabled | Since v4.1.8, users should be authorized to use OAuth clients. If set to 'true' (default), the old behavior is expected, i.e., the user can use any OAuth client. Otherwise, the user can use only OAuth clients that they are authorized to. The common OpenIAM RBAC approach is used to define user access. |
| Date/Timepicker Format | Allows setting the format of the date to select a time value from the popup list or to set a desired time value. |
| Revoke Roles and Groups After Employee Termination | The checkbox makes it possible to revoke roles and group memberships from a terminated user. |
| Date Format | Sets the preferable date format to be displayed by the system. |
| Date/Time Format | Sets the preferred date + time format to be displayed by the system. |
| Connector Status Notification Group | In case the managed system or connector status has changed (went down or got back online, or there is no response from a connector), every user in the selected group will get an email about that. |
| Email Regular Expression | A regular expression used to check whether an email address is properly formatted. |
| Login Regular Expression | A regular expression used to check whether a login is properly formatted. |
| First Name Regular Expression | A regular expression used to check whether a user's first name is properly formatted. |
| Last Name Regular Expression | A regular expression used to check whether a user's last name is properly formatted. |
| Crypto Algorithm Name | The algorithm used to encrypt data. |
| Is Provisioning Enabled? | Checkbox enables the provisioning of users. |
| Is Entitlements Enabled via Provisioning? | Checkbox allows loading entitlement via provisioning. |
| Limit Search Only in Organization Scope | The checkbox allows limiting the scope of search only within the selected organization. |
| Following Roles Grant Access to See All Objects (Ignoring "Is Visible" Flag) | The field allows selecting users who can see all objects no matter if the 'is visible' flag is selected for the object or not. |
| Google Translation API Key | An API key that delivers machine translation results using Google's machine translation technology for the portal. |
| Allow Duplicate Email? | This property defines whether different users could have the same email address. If set to 'false', the email address must be unique for each user. |
| Enforce Subordinate Check for Operations | For the reset password operation, if a user tries to reset the password for another user and the property is set to 'true', they will only be able to do this for their direct reports (subordinates). |
| Application Launcher OAuth Client | Means the chosen OAuth client to launch applications. |
| Teams Plugin OAuth Client | Means the chosen OAuth client to launch the Teams plugin. |
| Allow Enter OTP Email On-the-Fly | Outdated property. It will be removed in further versions of OpenIAM. |
| Full Name Ordering | Sets the order for the name and surname to appear in the system. |
| Additional User Search Criteria | Here the user can specify other criteria by which the users can be found when using the search. |
| Columns Shown in the User Search Results | This feature allows a user to specify which columns with user data appear in the search results. |
| Forbid Self-Service Operations on Inactive Users | When the user status is set to 'inactive' and when the value of this checkbox is set to 'true', the actions via the Self-Service portal will not be performed for such users. |
| Allow Change Own Entitlements | In case the value of this property is set to 'true', the admin or the user configuring the system can change their own entitlements the same way as for other users. Otherwise, these can be changed only by other authorized user(s). |
| Allow Change Own Status | In case the value of this property is set to 'true', the admin or the user configuring the system can change their own status the same way as for other users. Otherwise, it can be changed only by other authorized user(s). |
Upon all the properties are configured, click Save to save the changes.