Skip to Main Content
Cumulocity IoT Feedback Portal
ADD NEW FEEDBACK

Authentication & Authorisation

Showing 13

The Trusted Root Certificates should support the same Certificate on multiple tenants within an enterprise tenant

The Trusted Root Certificates should support the same Certificate on multiple tenants within an enterprise tenant. Itron supports many Trusted Root certificates and generates them as needed per manufacturing needs. What currently occurs is that if...
Andrew Nowak 5 months ago in Cumulocity IoT Platform Services / Authentication & Authorisation 0 Future consideration

Display message for Password reset email sent can be improved

Currently when the user tries to reset password using forgot password option, with wrong email id which doesn't exists, gets a standard display message that the "Password request has been sent. Please check your email". It is quite misleading to h...
Mohammed Ali Khan 12 months ago in Cumulocity IoT Platform Services / Authentication & Authorisation 1 Future consideration

Support User Functionality at Enterprise Tenant Level also

I raised two requests for support user functionality to enable a couple of business requirements for OEM customers like us. 1. We planned to leverage SaaS enterprise tenants in some regions compared to dedicated deployment in the NA region. We are...
Venkatesu Punugupati 5 months ago in Cumulocity IoT Platform Services / Authentication & Authorisation 4 Future consideration

Add the customizable placeholder for password change in Enterprise tenant

Hi, We have a request to add placeholder that customer can customize for password change. For security reason, the token for password change cannot be obtained by API. The token is only available in the following placeholder set in Enterprise ...
Guest 6 months ago in Cumulocity IoT Platform Services / Authentication & Authorisation 1 Future consideration

Enable read-only access to certificates

We have multiple teams using certificates for mutual authentication. During their development it would be very useful for them to be able to see the trusted certificates. Right now I can grant them admin rights to certs but that lets them change t...
Dave Presuhn 7 months ago in Cumulocity IoT Platform Services / Authentication & Authorisation 1 Future consideration

Allow custom properties in SSO as is possible in the user api

Currently you can set some fields through SSO like name email id etc. You can not set custom properties like language preference unit preference. If you do not use SSO you can set custom properties on users.
Tom Michiels about 2 years ago in Cumulocity IoT Platform Services / Authentication & Authorisation 3 Future consideration

For users created via SSO, display a more user-friendly value in the upper right corner (where the user menu is).

Sometimes the value of the User ID for users created via SSO is just a UUID value, i.e. some random string. This way it is difficult to understand which is the currently active user. Ideally a name or an email address would be displayed, similar t...
Guest over 3 years ago in Cumulocity IoT Platform Services / Authentication & Authorisation 0 Future consideration

Add PKCE to single sign-on

Add support for PKCE (https://www.rfc-editor.org/rfc/rfc7636) in the authorisation code grant flow when configuring single sign-on as an authentication method. This is related to C8YCORE-I-311.
Guest over 1 year ago in Cumulocity IoT Platform Services / Authentication & Authorisation 1 Future consideration

Restrict admin console to certain IP address space

By restricting access to the admin portal (Cockpit, device management, etc) to certain IP address ranges, we can restrict admins to only accessing admin functions while on our corporate network. This will improve security by making the admin apps ...
Dave Presuhn almost 2 years ago in Cumulocity IoT Platform Services / Authentication & Authorisation 1 Future consideration

TFA Settings - avoid invalid entries like 0minutes

- Admin App > Settings > Authentication > TA Settings - avoid inputs like "0" minutes for limit token and limit verification code, because user could locked out himself if het set 0 minutes
Guest over 4 years ago in Cumulocity IoT Platform Services / Authentication & Authorisation 1 Future consideration