• Votes

    3

    Make all SAML 2.0 provider metadata settings editable in Admin Console

    Sometimes a metadata file is not available, is faulty, or some settings need to be added or removed, e.g. SingleLogoutService. Currently only some / the main provider ...

  • Planned

    11

    Include client IP address in all IDP event entries

    As it stands, the audit/event logging in the IDP rarely provides any way to reliably figure out the client IP address of events. 1) Who would want this: SIEM ...

  • Votes

    1

    Enhancements for OAuth Authorization Grant Information Schema ...

    Please add an option in Admin Console to extend an eDirectory user store with the nidsOAuthGrant attribute _and_ an auxiliary class for it. Please have NAM dynamically ...

  • Votes

    3

    JAVA LDAP Timeouts

    Customer asks for an enhancement managing connection timeout of the LDAP connection from the IDP server and the UserStore. He has noticed that in case an LDAP server (in ...

  • Votes

    1

    SSO Connectors should be able to prefill with user data

    At present Connector Studio allows data items used in SSO connectors only to be recorded from user input. It would seem useful to add LDAP and Virtual attribute data, to ...

  • Votes

    3

    NAM console log size alerts

    NAM console log size alerts. For now there is no alert!

  • Votes

    1

    Allow delegated administrator to download IDP logs

    Allow delegated administrator to download IDP logs inside iManager, for now only real admin can do it

  • Votes

    3

    Risk based authentication cookie timeout duration change

    We have a use case where we currently use risk based authentication policies in NAM to have certain users use multi-factor authentication using Advanced Authentication. ...

  • Votes

    5

    In dynamic NAM environments "update all" causes too much ...

    This is how my customer could imagine an "update all" on as well IDPs as AGs When you click "update all" and you have multiple AGs or IDPs The 1st IDP or AG stops taking ...

  • Votes

    5

    Auditing on IDP and AG with more detail

    Currently there is only alerting or syslog sending of NAM changes done for just changes being done. There is no proper auditing showing what was changed by what user at ...

  • Votes

    1

    OIDC client applications REST API should be better protected

    Referring to Idea : 13276 Permit to have openID authentication on REST web service datasource for virtual attributes That seems to be a major change. What about letting ...

  • Votes

    2

    Pass AA user detail to NAM during MFA

    It is a three-tier network that AD in trust zone, AA in the middle layer and NAM in the outermost layer. NAM cannot reach AD. We have configured NAM not to identify user ...

  • Votes

    2

    Add "Loading details ..." to Client Application edit page.

    Accessing Identity Servers=> OAuth & OpenID Connect=> Client Applications one gets a „Loading Clients…“ displayed next to the "Register New Clients" button, while ...

  • Votes

    2

    Add SP and IDP metadata expiration date query to REST API

    For automated monitoring, it would be really helpful to have a REST URL where one could query the expiration date of Service and Identity Provider's metadata. This way, ...

  • Votes

    3

    OAuth scope for client application

    We want to be able to set a scope which assigned to an attribute set and related it to individual registered client application. The current functionality is that every ...

  • Votes

    4

    support Virtual attribute and Attribute sources as a source while ...

    Customer is using an ldap request, then manipulates an attribute returned, uses this new value to make the final request to know the attributes for the token. Two ...

  • Votes

    1

    Getting userinfo from social network, store in user session and then ...

    It would be great if the native Social Class could provide a way to get additional user data (userinfo) from a social network and some time later, be able to forward ...

  • Votes

    2

    Conditional Access - AD, Azure and MDM/EDM

    Hi guys, As identity is more than just people (e.g. places and things) it is becoming critical to authenticate the person AND the device they are using (conditional ...

  • Votes

    2

    mobile access updates - fingerprint, PIN policies, and more

    Hi guys, Can we update mobile access to support the following: * PIN policies (including length) * Support Google Auth and SMS OTP * Enable fingerprint unlock on Android ...

  • Votes

    1

    Integrate UMA protocol in NAM

    User-Managed Access is a new protocol based on OAuth (https://kantarainitiative.org/confluence/display/uma/Introduction+to+UMA). We have customers who asked for this ...