Account Services

Identity Access Management

Version MES 15.69

 

 

This is 42Q’s corporate standard.

This document is under revision control.

Once printed it is an uncontrolled copy. Changes to this document require approval.

Contact 42Q to submit suggested alterations and or updates.

 

Introduction

42Q IAM (Identity Access Management) is the unified login management to the 42Q MES Portal; it provides adaptive solutions to support different policies and guarantee the authentication/authorization with a more secure mode.

This document introduces the three forms of authentications that are described below:

• LDAP Authentication
• Non-LDAP Authentication
• Federated Authentication

When the user enters 42Q MES Portal URL the system redirects to the unified login page:

 

Figure 1: IAM unified login page

 

LDAP Authentication

42Q IAM supports LDAP authentication; for example, the user name helena_wang is an LDAP user account.

As displayed in the image below:

 

Figure 2: LDAP Account

 

To access the 42Q MES Portal, follow the steps below:

1. Enter the LDAP account (e.g. helena_wang ) in the Username field at the unified login page.
2. Select the Next button.

 

Figure 3: LDAP Account Login

 

3. The system will ask users to input the password.

 

Figure 4: Input Password Form

4. Once the username and password are valid, the system redirects to the 42Q MES Portal home page with the user signed in.

Figure 5: LDAP Account Login to 42Q MES Portal

 

 

Non-LDAP Authentication

42Q IAM supports Non-LDAP authentication. In the example below, the user_name testuser00001 is a Non-LDAP user.

 

Figure 6: Non-LDAP Account

 

To access 42Q MES Portal, follow the steps below:

1. Enter the Non-LDAP user account (e.g. testuser00001) in the Username field at the unified login page.
2. Select the Next.
3. The system will ask the user to input the password.

 

Figure 7: Non-LDAP Account Login

4. Once the username and password are valid, the system redirects to the 42Q 'MES Portal home' page with the user signed in.

 

Forgot Password

When users forget their password, they can reset their password by clicking the Forgot password? link on the landing page, then it will redirect to the Account Service page, the users will be able to reset the password.

Figure 8: Forget Password

Non-Federated users will see a 42Q forgotten password link. They will be redirected to the Account Service to reset the password.

Federated users will need to manage their passwords and authentication on the (Identity Provider) page.

Figure 9: Account Services for Non-Federated Users

 

 

Federated Authentication

42Q IAM supports SAML authentication, this allows users to pass authorization credentials to the portal via their IdP (Identity Provider) and use their corporate login to gain access to 42Q MES Portal.

To access 42Q, follow the steps below:

1. Enter the email address in the Username field at the unified login page.
2. Select the button Next.

Note: If the email address is invalid, IAM will show the error message below.

 

Figure 10: Check Email Address

Figure 11: Email Address Login

 

3. The system redirects the users to the IdP's authentication.

 

Figure 12: SAML authentication

 

4. Enter the Username and Password, then select the Submit button.

Note: If the account has set the SecureAuth authentication, the SecureAuth passcode text field will pop up.

 

Figure 13: SecureAuth Passcode

 

5. The system redirects the users to the MES Portal/ 42Q platform main page when the account authenticates.

 

Figure 12: 42Q MES Portal main page

 

Note: If the message shown below appears on the screen; the users must select the option ssodev-sanm to go to the account authentication page and enter the username and password again to login to MES Portal.

 

Figure 13: Alter page

 

---