Authentication & Authorization Settings allows you to specify and configure the authentication and authorization methods used in your application. By configuring these settings in the Kuika Configuration Manager module, you can manage user access control in a powerful and flexible way.
In this guide, you will learn step by step how to configure authentication providers, set password policies, and apply the related security measures.
How to Set Authentication & Authorization Settings?
1. Open the App Settings Screen
Log in to the Configuration Manager module on the Kuika platform.
Access the App Settings screen.
Find the Authentication & Authorization Settings section.
2. Configure Authentication Provider Settings
Authentication Provider settings allow you to determine which methods your application will use for user authentication.
Type: Select the authentication provider type.
Generic Auth: Basic authentication method.
OAuth 2.0: Use OAuth 2.0 protocol for authorization.
LDAP: User authentication via LDAP.
3. Configure Password Policy Settings
The password policy is necessary to ensure that users create secure passwords.
Characters and Size: Set the minimum and maximum length of the password.
Minimum Lowercase: Enter the minimum number of lowercase letters required in the password.
Minimum Uppercase: Enter the minimum number of uppercase letters required in the password.
Minimum Number: Specify the minimum number of digits required in the password.
Minimum Special: Enter the minimum number of special characters that must be included in the password.
Must NOT contain: Define words or phrases that should not be included in the password.
Words: Add any special words that are required in the password.
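The Password Policy fields above are individually simple, but a new password has to satisfy all of them at once. The following Python validator is an added illustration written for this guide, not Kuika's own code; the field names (min_length, min_lowercase, must_not_contain, required_words and so on) are assumed stand-ins for the settings listed above, and the sample passwords are constructed.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class PasswordPolicy:
    """Mirrors the Password Policy settings above (hypothetical attribute names)."""
    min_length: int = 8            # Characters and Size (minimum)
    max_length: int = 64           # Characters and Size (maximum)
    min_lowercase: int = 1         # Minimum Lowercase
    min_uppercase: int = 1         # Minimum Uppercase
    min_digits: int = 1            # Minimum Number
    min_special: int = 1           # Minimum Special
    must_not_contain: tuple = ()   # Must NOT contain (words/phrases, matched case-insensitively)
    required_words: tuple = ()     # Words that must appear in the password

    def check(self, password: str) -> list:
        """Return a list of policy violations; an empty list means the password is acceptable."""
        problems = []
        length = len(password)
        if not self.min_length <= length <= self.max_length:
            problems.append(
                f"length {length} is outside {self.min_length}..{self.max_length}")

        # Count each character class once; a character belongs to exactly one class here.
        counts = {
            "lowercase": sum(c.islower() for c in password),
            "uppercase": sum(c.isupper() for c in password),
            "digits": sum(c.isdigit() for c in password),
            "special": sum(not c.isalnum() and not c.isspace() for c in password),
        }
        minimums = {
            "lowercase": self.min_lowercase,
            "uppercase": self.min_uppercase,
            "digits": self.min_digits,
            "special": self.min_special,
        }
        for kind, needed in minimums.items():
            if counts[kind] < needed:
                problems.append(f"needs at least {needed} {kind} character(s), has {counts[kind]}")

        lowered = password.lower()
        for banned in self.must_not_contain:
            if banned.lower() in lowered:
                problems.append(f"must not contain '{banned}'")
        for word in self.required_words:
            if word.lower() not in lowered:
                problems.append(f"must contain '{word}'")
        return problems

    def is_valid(self, password: str) -> bool:
        return not self.check(password)


# Constructed example policy: 10-64 characters, 2 lowercase, 1 uppercase, 1 digit,
# 1 special character, and the product name must not appear in the password.
EXAMPLE_POLICY = PasswordPolicy(
    min_length=10, max_length=64, min_lowercase=2, min_uppercase=1,
    min_digits=1, min_special=1, must_not_contain=("kuika", "password"),
)

if __name__ == "__main__":
    for candidate in ("Tr0ub4dor&3x", "KuikaPass1!", "short"):
        print(candidate, "->", EXAMPLE_POLICY.check(candidate) or "ok")
```

The validator reports every violated rule rather than stopping at the first one, which is what a user-facing form needs; the "Must NOT contain" and "Words" checks are substring matches, so a banned phrase is rejected wherever it appears in the password.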
Configure Locking and Password Age Settings
You can add password expiry and an account lockout mechanism to increase user account security.
Minimum Password Age (day): Set the minimum password age in days.
Maximum Password Age (day): Set the maximum lifetime of the password in days.
Notify User Before Expire (day): Specify how many days in advance to notify the user before the password expires.
Account Lockout Threshold: Specify the number of failed logins allowed before the account is locked.
Try Count: Enter the maximum number of failed login attempts.
Duration (minute): When the account is locked, specify the time in minutes that it will remain locked.
CAPTCHA Settings
CAPTCHA provides an additional layer of security against automated (bot) attacks.
Incorrectly Times: Define the number of incorrect input attempts.
Incorrectly Entered for Enable: Enter the number of incorrect entries required for CAPTCHA to activate.
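The Account Lockout Threshold (Try Count, Duration) and the CAPTCHA activation count above both work off the same running count of consecutive failed logins. The Python model below is an added example for this guide, not Kuika's implementation; it assumes the lockout counter is per user, that the CAPTCHA threshold is lower than the lockout threshold, and that a successful login resets the counter (hypothetical names such as LoginGuard and captcha_after are this example's own).

```python
import time
from dataclasses import dataclass, field


@dataclass(frozen=True)
class LockoutSettings:
    try_count: int = 5       # Account Lockout Threshold -> Try Count
    lock_minutes: int = 15   # Duration (minute)
    captcha_after: int = 3   # CAPTCHA -> Incorrectly Entered for Enable


@dataclass
class LoginGuard:
    """Tracks consecutive failures per user and reports ok / captcha_required / locked."""
    settings: LockoutSettings
    _failures: dict = field(default_factory=dict)      # user -> consecutive failed attempts
    _locked_until: dict = field(default_factory=dict)  # user -> unix time when the lock ends

    def status(self, user: str, now: float = None) -> str:
        now = time.time() if now is None else now
        until = self._locked_until.get(user)
        if until is not None:
            if now < until:
                return "locked"
            # The lock duration has elapsed: clear the lock and start counting afresh.
            del self._locked_until[user]
            self._failures[user] = 0
        if self._failures.get(user, 0) >= self.settings.captcha_after:
            return "captcha_required"
        return "ok"

    def record_failure(self, user: str, now: float = None) -> str:
        """Register one failed attempt and return the user's new status."""
        now = time.time() if now is None else now
        if self.status(user, now) == "locked":
            return "locked"   # attempts during the lock window do not extend it here
        self._failures[user] = self._failures.get(user, 0) + 1
        if self._failures[user] >= self.settings.try_count:
            self._locked_until[user] = now + self.settings.lock_minutes * 60
            return "locked"
        return self.status(user, now)

    def record_success(self, user: str) -> None:
        """A successful login (with the CAPTCHA solved where required) resets the counter."""
        self._failures[user] = 0
        self._locked_until.pop(user, None)


def walk_through(settings: LockoutSettings, failures: int, now: float = 1_000.0) -> list:
    """Replay `failures` consecutive bad logins for one constructed user; returns the statuses."""
    guard = LoginGuard(settings)
    return [guard.record_failure("alice", now) for _ in range(failures)]


if __name__ == "__main__":
    print(walk_through(LockoutSettings(), 5))
```

With the defaults above the sequence of statuses for five bad attempts is ok, ok, captcha_required, captcha_required, locked: the CAPTCHA kicks in first to slow automated guessing, and the lock follows only if the failures continue. Note that an attempt made while locked is rejected without being counted, so the lock ends exactly Duration minutes after it started.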
Last Passwords Rule
Prevent users from reusing the same password.
Not the Same as Last (passwords): Specify that the password cannot be the same as the last few passwords.
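The password age settings (Minimum Password Age, Maximum Password Age, Notify User Before Expire) and the Last Passwords Rule together govern when a password may be changed and what it may be changed to. The Python sketch below is an added example written for this guide, not Kuika's code; it assumes previous passwords are retained only as salted PBKDF2 hashes, that the current password counts as one of the "last N", and uses hypothetical names such as PasswordRecord and set_password.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass, field

DAY = 86_400  # seconds


@dataclass(frozen=True)
class PasswordAgeSettings:
    min_age_days: int = 1          # Minimum Password Age (day)
    max_age_days: int = 90         # Maximum Password Age (day)
    notify_before_days: int = 7    # Notify User Before Expire (day)
    history_size: int = 5          # Not the Same as Last (passwords)


@dataclass
class PasswordRecord:
    history: list = field(default_factory=list)  # newest first: (salt, digest) of the last N passwords
    changed_at: float = 0.0                       # unix time of the latest change


def _digest(password: str, salt: bytes) -> bytes:
    # PBKDF2-HMAC-SHA256; the iteration count is an assumption for this example,
    # not Kuika's storage format.
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 100_000)


def set_password(record: PasswordRecord, password: str,
                 settings: PasswordAgeSettings, now: float) -> str:
    """Apply the minimum-age and history rules; returns changed / too_soon / reused."""
    if record.history and now - record.changed_at < settings.min_age_days * DAY:
        return "too_soon"
    # Compare against every retained hash (each has its own salt), in constant time.
    for salt, digest in record.history[:settings.history_size]:
        if hmac.compare_digest(_digest(password, salt), digest):
            return "reused"
    salt = os.urandom(16)
    record.history.insert(0, (salt, _digest(password, salt)))
    del record.history[settings.history_size:]   # keep only the N passwords the rule compares
    record.changed_at = now
    return "changed"


def age_status(record: PasswordRecord, settings: PasswordAgeSettings, now: float) -> str:
    """Report ok / expiring_soon / expired based on the maximum age and notification window."""
    age_days = (now - record.changed_at) / DAY
    if age_days >= settings.max_age_days:
        return "expired"
    if age_days >= settings.max_age_days - settings.notify_before_days:
        return "expiring_soon"
    return "ok"


if __name__ == "__main__":
    cfg = PasswordAgeSettings(history_size=3)
    rec = PasswordRecord()
    t0 = 1_000_000.0
    print(set_password(rec, "Alpha-1!a", cfg, t0))              # changed
    print(set_password(rec, "Beta-2!bb", cfg, t0 + 3_600))      # too_soon
    print(set_password(rec, "Beta-2!bb", cfg, t0 + 2 * DAY))    # changed
    print(set_password(rec, "Alpha-1!a", cfg, t0 + 4 * DAY))    # reused
    print(age_status(rec, cfg, t0 + 2 * DAY + 85 * DAY))        # expiring_soon
```

Keeping the history as salted hashes rather than plaintext means a leak of the user table does not expose old passwords, and the "too_soon" outcome is what stops a user from cycling through N quick changes to get back to a favourite password.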
4. Add External Authentication Providers
You can let users sign in with their social accounts through external providers.
Google Settings
Name: Provider name.
Client ID: Client ID issued by Google.
Client Secret: Secret key issued by Google.
Server Client ID: Server-side client ID.
Server Client Secret: Server-side secret key.
ISO URL Scheme: Custom URL scheme for mobile apps.
Facebook Settings
Name: Provider name.
App ID: Facebook application ID.
Client Token: Client token issued by Facebook.
MSAL Settings (Microsoft)
Name: Provider name.
Client ID: The client ID issued by Microsoft.
Client Secret: Secret key issued by Microsoft.
Authority: The authority (authorization endpoint) address.
Scopes: List of access permissions.
Keystore Base64: Keystore used for security.
Cache Location: Where tokens are temporarily stored.
Keystore Hash: Key verification value.
5. OTP (One-Time Password) Settings
One-time password (OTP) settings provide extra security.
Name: The name given to the OTP service.
Secret Key: The secret key used for OTP generation.
Expire Old Sessions Upon Login Switch: Enable expiration of old sessions upon new login.
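The OTP settings above name a service and a secret key, and the switch next to them controls whether a new login invalidates the user's earlier sessions. The Python example below is added for this guide and is not Kuika's code; it assumes the OTP is a standard time-based one-time password (HOTP per RFC 4226 driven by a 30-second time step as in RFC 6238), that the secret is handled as raw bytes, and that each code may be accepted only once. The secret used in the example is the published RFC 6238 test secret, not a real key; names such as OtpService and SessionStore are hypothetical.

```python
import hashlib
import hmac
import struct
from dataclasses import dataclass, field


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """HMAC-SHA1 one-time password with dynamic truncation (RFC 4226)."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


def totp(secret: bytes, at_time: float, step: int = 30, digits: int = 6) -> str:
    """Time-based variant: the counter is the number of `step`-second periods elapsed."""
    return hotp(secret, int(at_time) // step, digits)


@dataclass
class OtpService:
    name: str            # the Name field of the OTP settings
    secret: bytes        # the Secret Key field (raw bytes here; store it like any other secret)
    step: int = 30
    digits: int = 6
    skew: int = 1        # accept one period either side to tolerate clock drift
    _last_counter: dict = field(default_factory=dict)  # user -> last accepted counter (replay guard)

    def verify(self, user: str, code: str, at_time: float) -> bool:
        counter = int(at_time) // self.step
        for delta in range(-self.skew, self.skew + 1):
            candidate = counter + delta
            if candidate <= self._last_counter.get(user, -1):
                continue  # already consumed or older than the last accepted code
            if hmac.compare_digest(hotp(self.secret, candidate, self.digits), code):
                self._last_counter[user] = candidate
                return True
        return False


@dataclass
class SessionStore:
    """Models the 'Expire Old Sessions Upon Login' switch."""
    expire_old_on_login: bool = True
    _sessions: dict = field(default_factory=dict)  # session id -> user
    _next_id: int = 1

    def login(self, user: str) -> str:
        if self.expire_old_on_login:
            for sid in [s for s, u in self._sessions.items() if u == user]:
                del self._sessions[sid]   # a new login ends every earlier session of this user
        # Sequential ids keep the example deterministic; real session ids must be
        # unpredictable (e.g. secrets.token_urlsafe).
        sid = f"s{self._next_id}"
        self._next_id += 1
        self._sessions[sid] = user
        return sid

    def active(self, user: str) -> list:
        return sorted(s for s, u in self._sessions.items() if u == user)


# RFC 6238 test secret (ASCII "12345678901234567890"); constructed for the example only.
RFC_TEST_SECRET = b"12345678901234567890"

if __name__ == "__main__":
    svc = OtpService("kuika-otp-example", RFC_TEST_SECRET)
    print(totp(RFC_TEST_SECRET, 59))                 # 287082
    print(svc.verify("alice", "287082", 59))         # True
    print(svc.verify("alice", "287082", 59))         # False: replayed code is rejected
    store = SessionStore(expire_old_on_login=True)
    store.login("alice"); store.login("alice")
    print(store.active("alice"))                     # ['s2']
```

The replay guard matters as much as the code check itself: without remembering the last accepted counter, a code observed in transit stays valid for the whole skew window. The session store shows the effect of the switch: with it on, a second login leaves exactly one live session, so a forgotten session on another device is closed the next time the user signs in.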
Save and Test Settings
Make sure you have filled in all fields completely and correctly.
Save your settings by clicking the Save button.
Test user login scenarios with different providers in the test environment.
Important Tips:
Store all API keys and confidential information securely.
Test failed-login handling and the password policies with different scenarios in the test environment.
Make active use of password expiry warnings and two-factor authentication to improve the user experience.
Check all authentication providers before going live.
By configuring the Authentication & Authorization Settings module correctly, you can offer secure, flexible and multi-layered access alternatives to your users.