User search

To search for users, enter the user ID and click the “Search” button. The attribute defined as the base identifier in the “Data sources” section is used as the displayed identifier, as are the attributes marked as search attributes.

The list of users found contains:

  • identifier of the found user;

  • the store where the user was found;

  • user name, configured in the “Data sources” section.

Clicking any of the found accounts opens that user's details.

Also available:

  • clicking the copy link button copies a link to the found user to the clipboard;

  • the “Security events” link lets you quickly view the security events for the current day in which the found user appears as an access object.

Identity Blitz © 2024

Last updated on Aug 07, 2024.