SOP-5-I-42Q-MES0152 Identity Access Management

From 42Q
Revision as of 19:54, 21 May 2024 by Marisol vargas (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search


42Q Home >Account Services > Identity Access Management

 

 

Account Services 
Identity Access Management 
Version MES 15.81
Revision E1

 

 

 

Introduction

This document outlines the integral role that 42Q IAM (Identity Access Management) plays in enhancing the security and efficiency of our portal. By offering adaptable solutions to cater to various policies, it ensures robust authentication and authorization mechanisms.

The42Q IAM system serves as the cornerstone of our unified login management for the 42Q portal. Its primary function is to provide a comprehensive suite of tools that not only cater to diverse authentication needs but also reinforce the security landscape.

This document introduces the dual authentication methods offered by 42Q IAM:

  • Enterprise Authentication
  • Local Authentication.

In this document, regardless of the chosen path –  Enterprise Authentication or Local Authentication – users can expect a streamlined and secure process that safeguards sensitive information and preserves user privacy.

Upon accessing the 42Q portal URL, users are promptly redirected to a unified login page orchestrated by the IAM system. This pivotal gateway marks the beginning of a secure and user-centric journey within our portal.

 


Figure 1: IAM Login Page

AIM Smartlogin.png

 

42Q has two types of Enterprise Authentication: Federated and Non-Federated setups as explained below:

 

 


Enterprise Authentication with Federation Setup 

42Q IAM supports Federated authentication, which allows users to pass authorized credentials to the portal.

The Enterprise account with federation setup allows users to log in with the UID or email address, if the account is created by email address, users need to log in with their email address.

To access, as an Enterprise Authentication with Federation Setup user, follow the steps below: 

  1. Enter UID or email address in the Username field on the unified login page.
  2. Select the button Next'.'
  3. Enter the Username and Password, then select the Submit button. 

 
Figure 2: Enterprise Account with Federation Setup

 AIM AccountFed Setup.png  

 

 


Enterprise Authentication without Federation Setup

Enterprise accounts without federation setup will prompt from password and validate credentials with the previously configured enterprise for that instance.  

Users are allowed to log in with their username, the username can be UID or email address. 

To access 42Q, as an Enterprise user without federation, follow the steps below: 

 

  1. Enter the Enterprise account in the Username field at the unified login page.
  2. Select the Next button.


Figure 3: Enterprise Account without Federation Login

AIM Local .png

 

  1. The system will ask users to input the password.

 

Figure 4: Input Password Form

AIM PasswordForm.png

 

  1. Once the username and password are valid, the system redirects to the 42Q home page with the user signed in.

 

 

Figure 5: Enterprise  Account Login 42Q Portal

AIM Login42QPortal.png

 

 

 

 

Local Authentication

42Q IAM also supports Local authentication; in the example below, the username is one Local user. Also, Local users can be set up with alphanumeric, or email format.

 


Figure 6: Local Account

AIM User LocalAccount.png

 

To access 42Q, as a Local user follow the steps below: 

  1. Enter the Local user account in the Username field at the unified login page.
  2. Select the Next.
  3. The system will ask users to input the password.
  4. Once the username and password are valid, the system redirects to the 42Q home page with the user signed in.

 

Forgot Password

When users forget their password, they can reset their password by clicking the Forgot password? link on the landing page is an option is available for Local Users. Once clicked, users will be redirected to the Account Services to reset the password and the user's supervisor or support team will provide assistance for password changes.

 

For Enterprise users, an email will be provided with the following information concerning password changes. An expired link will be emailed to users with a link provided to change the desired password. 


Figure 8: Forget Password

AIM PassForgot.png

 


Note: In 60 days (default value) local users will have to change their password and if they haven't had a chance to log into the system during that period, their account will be inactivated.