nevisIDM Password Login
About nevisIDM Password Login
The nevisIDM Password Login pattern provides username/password-based authentication for applications, based on nevisIDM users.
For information on how to configure authentication for the nevisIDM Administration GUI, refer to Accessing the nevisIDM Administration GUI.
The user identity can be propagated to your backend application via an application access token, for example a Nevis SecToken or a JWT Token.
The next diagram gives an overview of the patterns involved and their relationship:
Preconditions
- Make your web application accessible via nevisProxy as explained in Protecting a Web Application.
- Add a nevisIDM Instance pattern as explained in Setting up a nevisIDM Instance.
Basic Steps
- Assign an Authentication Realm pattern to your web application.
- Assign the nevisIDM Password Login pattern to the Authentication Realm pattern.
- Assign the nevisIDM Instance pattern to the nevisIDM Password Login pattern.
- Assign a Nevis SecToken pattern to the Authentication Realm pattern.
- Assign the same Nevis SecToken pattern to your web application.
Use Case: Mandatory Password Change
The nevisIDM Password Login pattern also configures the mandatory password change after a user's first login to the system. The mandatory password change is enabled by default. It is enforced by the password policy in nevisIDM. When the user enters a password, the nevisIDM Password Login pattern verifies it against the default password policy of the relevant client.