Logos for external provider log-in buttons

In Blitz Identity Provider, you can change the logos displayed on the login buttons for external identity providers (social networks) on the login page and on the external identity provider bind buttons in the User profile.

To customize the logos, add lines to the messages file in the custom_messages directory, with names that follow these patterns:

  • for the login page: meth-logo.${type}.${name}

  • for the User profile: social-icon.${type}.${name}

${type} specifies the type of external identity provider, and ${name} specifies the name of the identity provider. The values are taken from the settings.

The string values specify the <icon class> names assigned to buttons.

Example lines:

social-icon.saml.demo-idp=saml-demo
meth-logo.saml.demo-idp=meth-saml-demo


Identity Blitz © 2024

Last updated on Aug 07, 2024.