Skip to Main Content
Cumulocity IoT Feedback Portal
ADD NEW FEEDBACK

Authentication & Authorisation

Showing 9

Support inventory role mapping for SSO users

For SSO users global roles assignment can be controlled based on attributes from the Active Directory. Inventory roles need to be added manually afterwards. This is probably because the mapping for inventory roles is significantly more complex as ...
Guest over 3 years ago in Cumulocity IoT Platform Services / Authentication & Authorisation 0 Added/Resolved πŸŽ‰

Device Certificate Authentication - Support CRL/OCSP

In devicemanagement, one can onboard devices with a certificate but after onboarding, there is no possibility to authenticate with certificates. It would be a big added value for security and management of our clients, since no credentials would b...
Guest about 3 years ago in Cumulocity IoT Platform Services / Authentication & Authorisation 1 Added/Resolved πŸŽ‰

Option of defining the type header in SSO Settings

In fact, OAuth 2 (and also OpenID Connect) does not specify how access tokens should look like and which format should be used. That's why I expect the greatest possible flexibility from an implementer when it comes to validating access tokens. Id...
Guest over 2 years ago in Cumulocity IoT Platform Services / Authentication & Authorisation 1 Added/Resolved πŸŽ‰

As customer I want unauthorised request attempts in the audit logs

Unauthorized request (all reqeusts which require authentication and without valid credentials being provided) Successful login (TFA, oAuth) Unsuccessful login (TFA, oAuth) Password change (local accounts)
Jens Wildhagen almost 5 years ago in Cumulocity IoT Platform Services / Authentication & Authorisation 1 Added/Resolved πŸŽ‰

API-function for checking the accepted length of the chain of X509-certificates

Excerpt from https://cumulocity.com/guides/10.11.0/device-sdk/mqtt/#device-certificates : β€œIf these device certificates are signed by the customer certificate, then the platform should trust them too. In this case, every device should send not onl...
Guest almost 2 years ago in Cumulocity IoT Platform Services / Authentication & Authorisation 1 Added/Resolved πŸŽ‰

User need to have the option to cancel the changes in Authentication settings and no need to have information provided by the platform for the same

User is Forced to "log out" once authentication mode is changed and no user Indication provided to the user. When user tries to Save the modified authentication mode, user is forced to logout from the platform and not provided with any option to "...
Guest over 3 years ago in Cumulocity IoT Platform Services / Authentication & Authorisation 0 Added/Resolved πŸŽ‰

As customer I want to have TLS 1.3 in order to have more secure connections

We need at least a roadmap to do this. "And as of August 2018, the final version of TLS 1.3 is now published (RFC 8446). Companies such as Cloudflare are already making TLS 1.3 available to their customers. ... In short, the major benefits of TLS ...
Jens Wildhagen almost 5 years ago in Cumulocity IoT Platform Services / Authentication & Authorisation 1 Added/Resolved πŸŽ‰

Support access tokens tokens from external IAM natively

No description provided
Nikolaus Neuerburg almost 5 years ago in Cumulocity IoT Platform Services / Authentication & Authorisation 0 Added/Resolved πŸŽ‰

Ability to control SSO authentication cookie expiration

We would like the ability to control the expiration date of SSO authentication cookies issued by the Cumulocity Front End per tenant in order to meet our customer's requirements. Ability to do so either through configuration or the Administration ...
Nikolaus Neuerburg almost 5 years ago in Cumulocity IoT Platform Services / Authentication & Authorisation 1 Added/Resolved πŸŽ‰