Skip to Main Content
Cumulocity IoT Feedback Portal
ADD NEW FEEDBACK

Authentication & Authorisation

Showing 24

The Trusted Root Certificates should support the same Certificate on multiple tenants within an enterprise tenant

The Trusted Root Certificates should support the same Certificate on multiple tenants within an enterprise tenant. Itron supports many Trusted Root certificates and generates them as needed per manufacturing needs. What currently occurs is that if...
Andrew Nowak about 2 months ago in Cumulocity IoT Platform Services / Authentication & Authorisation 0 Future consideration

Automatically disable users if not logged in since time period

Dears, this is somehow related to Request: C8YCORE-I-513 https://cumulocityiot.ideas.aha.io/ideas/C8YCORE-I-513 But, here I would like to request an automated function, that disables users after a defined time period of inactivity. Time period can...
Guest over 1 year ago in Cumulocity IoT Platform Services / Authentication & Authorisation 1 Likely to support/improve

Display message for Password reset email sent can be improved

Currently when the user tries to reset password using forgot password option, with wrong email id which doesn't exists, gets a standard display message that the "Password request has been sent. Please check your email". It is quite misleading to h...
Mohammed Ali Khan 9 months ago in Cumulocity IoT Platform Services / Authentication & Authorisation 1 Future consideration

For users created via SSO, display a more user-friendly value in the upper right corner (where the user menu is).

Sometimes the value of the User ID for users created via SSO is just a UUID value, i.e. some random string. This way it is difficult to understand which is the currently active user. Ideally a name or an email address would be displayed, similar t...
Guest over 3 years ago in Cumulocity IoT Platform Services / Authentication & Authorisation 0 Future consideration

Map ID Token Parameters in SSO configuration

In the current SSO configuration in C8Y it is only possible to map the user ID claim from the Access token. The first issue is that if the user ID is not a human readable value, then in the C8Y header menu where the user name is displayed, the non...
Guest over 3 years ago in Cumulocity IoT Platform Services / Authentication & Authorisation 4 Likely to support/improve

Software Bill of Materials

Regulatory bodies are asking for more data around security of medical devices. I have been recently informed (second hand) that the US regulatory body (FDA) may in the next year or two require a Software Bill of Materials for Medical Device IoT pl...
Dave Presuhn 8 days ago in Cumulocity IoT Platform Services / Authentication & Authorisation 1 Already supported

Password-change UX should consider server-synchronization

When a user changes the password (today in Cumulocity v10.15), the UX provides a success-message of the change without any conditions. However, the password may not be usable for some additional minutes as the change has not been synchronized acro...
Christoph Marschall about 1 year ago in Cumulocity IoT Platform Services / Authentication & Authorisation 1 Likely to support/improve

Allow custom properties in SSO as is possible in the user api

Currently you can set some fields through SSO like name email id etc. You can not set custom properties like language preference unit preference. If you do not use SSO you can set custom properties on users.
Tom Michiels almost 2 years ago in Cumulocity IoT Platform Services / Authentication & Authorisation 3 Future consideration

OAuth 2 Client Credentials Support

Hi, We have the current situation: The primary actor in this scenario on our side is an API, not a human being. We cannot use Basic or OAuth2 Internal authentication due to security requirements of our security department. We would like to be able...
Florian Huber over 2 years ago in Cumulocity IoT Platform Services / Authentication & Authorisation 1 Clarification needed

TFA Settings - avoid invalid entries like 0minutes

- Admin App > Settings > Authentication > TA Settings - avoid inputs like "0" minutes for limit token and limit verification code, because user could locked out himself if het set 0 minutes
Guest over 4 years ago in Cumulocity IoT Platform Services / Authentication & Authorisation 1 Future consideration