2.4.10 Configuring Self Service Password Reset Server Details in Identity Server

  1. Click Devices > Identity Server > Shared Settings > Self Service Password Reset.

  2. Select Integrate with Self Service Password Reset (SSPR).

  3. Specify the following details under Server Configuration:

    Published SSPR URL: Select http or https and specify the Self Service Password Reset server’s IP address or DNS name with the port number. If Self Service Password Reset is configured behind Access Gateway, then specify Access Gateway's Published URL for Self Service Password Reset. For example, specify https://www.b2c.com/sspr/.

    API User Name: Protected web services that require authentication through a user name and password use the secret name as user name. The secret name is generated while configuring the Self Service Password Reset server. For example, specify NAMSECRET in API User Name.

    API Password: Protected web services that require authentication through a user name and password use a secret key as password. The secret key is generated while configuring the Self Service Password Reset server. For example, specify pass@123 in API Password.

  4. Click the + icon under Integration Links to see URLs associated with the specified Self Service Password Reset server.

    IMPORTANT:Integration Links displays default URLs. These URLs must be modified to match the URLs specified on the Self Service Password Reset server.

    If you modify the integration links in the Self Service Password Reset server then you must specify the same integration links in SSPR Portal Links and REST APIs. The values specified in Integration Links come after Published SSPR URL to form a destination path.

    IMPORTANT:In some of the default URLs, forwardURLs are appended to ensure that the user is forwarded to correct URLs after performing the corresponding tasks.

    User Profile URL: If a forwardURL is provided, the user is redirected to that URL after updating user profile in user portal page. For example, if User Profile URL is set to /private?forwardURL=https://idp.b2c.com:8443/nidp/portal, then the user is directed to that URL after profile update.

    User Registration URL: If a forwardURL is provided, the user is redirected to that URL after registering as a new user on B2C portal page. For example, if User Registration URL is set to /private?forwardURL=https://idp.b2c.com:8443/nidp/portal, then the user is directed to that URL after registration.

    Auto Registration URL: It automatically registers users when users log in using social authentication. It compares the user specified attributes to the stored attributes. Specify /public/newuser/profile/Social.

    Forgot Password URL: If a forwardURL is provided, the user is redirected to that URL after password reset. For example, if Forgot Password URL is set to /private?forwardURL=https://idp.b2c.com:8443/AGLogout, then the user is directed to that URL after the user resets password.

    NOTE:Forgot Password URL is not accessible if the Logout after password change option is enabled in Change Password module of Self Service Password Reset.

    Health API: It is used to obtain the health status of the Service Password Reset server. The default URL is /public/rest/health.

    Back Channel Request Signing API: Access Manger uses this API to obtain information from Self Service Password Reset server. The default URL is /public/rest/signing/form.

    Connection Timeout: It is the time specified to establish the connection with Self Service Password Reset server. The connection must establish within the specified time.

    Read Timeout: It is the time specified to obtain information from the Self Service Password Reset server after establishing the connection. Access Manager must obtain information within the specified time.

    IMPORTANT:

    • Ensure that these URLs are specified in the Self Service Password Reset white list. To specify these URLs in white list navigate to Self Service Password Reset > Settings > Security > Web Security > Whitelist.

    • If a forwardURL is not provided then the default URLs are used. To see default URLs, navigate to Self Service Password Reset > Settings > Application > Forward URL.

  5. Click Apply Changes.