Cumulocity IoT Feedback Portal
ADD NEW FEEDBACK

Authentication & Authorisation

Showing 8

Add PKCE to single sign-on

Add support for PKCE (https://www.rfc-editor.org/rfc/rfc7636) in the authorisation code grant flow when configuring single sign-on as an authentication method. This is related to C8YCORE-I-311.
Guest about 1 year ago in Cumulocity IoT Platform Services / Authentication & Authorisation 1 Future consideration

Restrict admin console to certain IP address space

By restricting access to the admin portal (Cockpit, device management, etc) to certain IP address ranges, we can restrict admins to only accessing admin functions while on our corporate network. This will improve security by making the admin apps ...
Dave Presuhn over 1 year ago in Cumulocity IoT Platform Services / Authentication & Authorisation 1 Future consideration

Allow custom properties in SSO as is possible in the user api

Currently you can set some fields through SSO like name email id etc. You can not set custom properties like language preference unit preference. If you do not use SSO you can set custom properties on users.
Tom Michiels over 1 year ago in Cumulocity IoT Platform Services / Authentication & Authorisation 3 Future consideration

For users created via SSO, display a more user-friendly value in the upper right corner (where the user menu is).

Sometimes the value of the User ID for users created via SSO is just a UUID value, i.e. some random string. This way it is difficult to understand which is the currently active user. Ideally a name or an email address would be displayed, similar t...
Guest about 3 years ago in Cumulocity IoT Platform Services / Authentication & Authorisation 0 Future consideration

Allow for custom authentication for microservices end-points and frontend applications (disable Cumulocity authentication)

We would like to deploy new frontend application and microservices using their own authentication. Therefore we would need to have an option to disable Cumulocity authentication on the microservice endpoints and frontend application artifacts.
Peter Gaspar about 4 years ago in Cumulocity IoT Platform Services / Authentication & Authorisation 3 Future consideration

TFA Settings - avoid invalid entries like 0minutes

- Admin App > Settings > Authentication > TA Settings - avoid inputs like "0" minutes for limit token and limit verification code, because user could locked out himself if het set 0 minutes
Guest about 4 years ago in Cumulocity IoT Platform Services / Authentication & Authorisation 1 Future consideration

Unlocking tenant admin's account

When a tenant admin’s account is locked due to several wrong password attempts, it's not possible to unlock it via UI. Support team says that it should be done on DB by ops team. I believe it should be done on UI by management tenant's admin. Solu...
Guest over 4 years ago in Cumulocity IoT Platform Services / Authentication & Authorisation 3 Future consideration

Be able to deactivate creation and usage of local user accounts in Cumulocity

When using SSO, for security and governance reasons it shouldn't be possible to create or use local user accounts.
Nikolaus Neuerburg over 4 years ago in Cumulocity IoT Platform Services / Authentication & Authorisation 0 Future consideration