Skip to main content
Skip table of contents

Replay Gateway Credentials Widget

Definition

The Replay Gateway Credentials Widget is used to provision existing applications credentials to the OpenLDAP for the Replay Gateway scenario. 

It is a standalone widget that requires a host feature of type "self" or an object feature where the object is the current subject.

Typically used in a UI_FOR_OBJECT feature of type "self".

The user is presented with a list of applications to which he has a permission grouped by "Categories". He can submit the credentials by group of applications. Each applications in the group will be provisioned with the same credentials.

Upon submission, if the credentials have been successfully provisioned, the category will turn green indicating that this group of applications has now valid credentials that can be used by the Replay Gateway.

Credentials can be removed by toggling the "DELETE" option inside the category.

Configuration

Widget

Properties

The widget requires these mandatory configuration properties:

Property name

Type

applicationCategoryAttribute

STRING (mono)

The id of an attribute definition bound to resources of type APPLICATION which holds the value of the category to which the application belongs to. The values of these categories is free to choose from when updating/creating an application. This will only serve as a grouping method for submitting pack of applications together to be provisioned with the same credentials. If an application category is updated, the UI will show the application in the new category, however its provisioning status will still be considered provisioned.

Note that no check is done to ensure that this attribute exists or is bound to application types.

applicationNameAttribute

STRING (mono)

The id of an attribute definition bound to resources of type APPLICATION which holds the value of the name of the application as it should be provisioned in the LDAP. 

identityCredentialsStatusAttribute

STRING (mono)

The id of an attribute definition bound to IDENTITY types that are in the scope of the features hosting this widget. This attribute will hold the credentials status for the specific identity, allowing to know if an application credentials has already been provisioned or deleted.

Widget configuration example

CODE 
<widget id="replay-gateway-widget" xsi:type="ctdbum:ReplayGatewayCredentialsWidgetType">
     <hidden>false</hidden>
     <config>
        <bordered>false</bordered>
        <title>true</title>
        <applicationCategoryAttribute>test_rgwCategory</applicationCategoryAttribute>
        <applicationNameAttribute>test_rgwId</applicationNameAttribute>
        <identityCredentialsStatusAttribute>statuscredential</identityCredentialsStatusAttribute>
    </config>
</widget>

Settings

In order for the widget to correctly send the credentials, the Replay Gateway Provisioning service location and credentials must have been configured.

This configuration is done for each tenants by BUM settings:

Setting name

Type

Description

rgw.prov.baseURL

String

The base URL of the Replay Gateway Provisioning Service

rgw.prov.credentials

Credentials

The credentials for authenticating on the Replay Gateway Provisioning Service

Feature example

A full feature example
CODE 
<?xml version="1.0" encoding="UTF-8"?>
<kit:DataSet xmlns:ctd="http://www.memority.com/citadel/1_0" xmlns:ctdbpmn="http://www.memority.com/citadel/bpmn/1_0" xmlns:ctdbum="http://www.memority.com/citadel/bum/1_0" xmlns:ctdcore="http://www.memority.com/citadel/core/1_0" xmlns:ctdidm="http://www.memority.com/citadel/idm/1_0" xmlns:ctdrep="http://www.memority.com/citadel/rep/1_0" xmlns:ctdrule="http://www.memority.com/citadel/rule/1_0" xmlns:ctdtnt="http://www.memority.com/citadel/tnt/1_0" xmlns:kit="http://www.memority.com/toolkit/1_0" xmlns:rule="http://www.memority.com/toolkit/rule/1_0" xmlns:ruleaddon="http://www.memority.com/toolkit/addons/rule/1_0" xmlns:search="http://www.memority.com/toolkit/search-expression/1_0" xmlns:settings="http://www.memority.com/toolkit/addons/settings/1_0" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
   <ctdbum:FeatureConfiguration id="test_replay-gateway">
      <createdAt>2021-09-30T14:45:38.559Z</createdAt>
      <updatedAt>2021-09-30T14:48:21.449Z</updatedAt>
      <name>replay-gateway-feature</name>
      <description>Save credentials for replay gateway</description>
      <type>UI_FOR_OBJECT</type>
      <scope type="EXPRESSION" objectKind="IDENTITY">
         <searchExpression/>
         <objectTypes>
            <objectType>test_identityType_employee</objectType>
         </objectTypes>
      </scope>
      <options>
         <formLabelOnTop>false</formLabelOnTop>
         <pendingOperationBehaviour>WARN</pendingOperationBehaviour>
         <submit>
            <reportDisplay>DISPLAY_ALL</reportDisplay>
         </submit>
      </options>
      <screen>
         <views>
            <view id="replay-gateway-view-1">
               <description></description>
               <icon>fa fa-user</icon>
               <sections>
                  <section id="replay-gateway-section-1">
                     <layout>SINGLE</layout>
                     <columns>
                        <column>
                           <widgets>
                              <widget id="replay-gateway-widget" xsi:type="ctdbum:ReplayGatewayCredentialsWidgetType">
                                 <hidden>false</hidden>
                                 <config>
                                    <bordered>false</bordered>
                                    <title>true</title>
                                    <applicationCategoryAttribute>test_rgwCategory</applicationCategoryAttribute>
                                    <applicationNameAttribute>test_rgwId</applicationNameAttribute>
                                    <identityCredentialsStatusAttribute>statuscredential</identityCredentialsStatusAttribute>
                                 </config>
                              </widget>
                           </widgets>
                        </column>
                     </columns>
                  </section>
               </sections>
            </view>
         </views>
         <frame>
            <actions/>
            <collapsible>false</collapsible>
            <display>PORTLET</display>
            <initiallyCollapsed>false</initiallyCollapsed>
            <title>false</title>
         </frame>
      </screen>
      <authentication>
         <authenticationLevelComparison>MINIMUM</authenticationLevelComparison>
      </authentication>
      <operations/>
      <operationOnSelf>true</operationOnSelf>
   </ctdbum:FeatureConfiguration>
</kit:DataSet>

Read Next

Search Widgets — Allows to perform search on objects and to create a result table.
List Widget — Allows to display a list of results (external or internal data).
Roles Widgets — Allows to manage all functionalities about roles (assignment, request, dashboard, dimensions...).
Password Widgets — Allows to manage password for Identities (generate a password according to several criteria, reset password).
Report Widgets — Allows to display report information (audit or scheduled actions) on objects.
Button Widgets — Allows to display button in order to redirect the user to another feature.
MFA Widgets — Allows to enroll and manage MFA devices.
Webauthn Widgets — Allows to enroll and manage Webauthn devices.
Separator Widget — Allows to separate several widgets on a feature.
Replay Gateway Credentials Widget — Allows to provision application credentials to LDAP for the Replay Gateway
OATH Registration widget — Allows to provision the shared secret key between an OTP generator (such as Google Authenticator) and the verification server (AM server).
OTP Widgets — Allows to enroll and manage OTP addresses
Workflow History Widget — Allows to display pending workflows history launched from a Feature
Reporting Widgets
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close