Password Management with Pass-Through Authentication

Note: This feature is available when pass-through authentication is in use and can only be used to reset the password for a pass-through-authentication application.

When IdentityIQ is configured for pass-through authentication, the Forgot Password option can be turned on to enable a user to reset their password in the authenticating application. A user can then authenticate to IdentityIQ through security questions when they are unable to remember their password.

To enable this feature, from the Navigation bar, go to the gear icon > Global Settings > Login Configuration > User Reset tab and select Enable Forgot Password.

This feature causes the Forgot Password? link to appear on the IdentityIQ login window. When a user clicks this link, they are prompted to answer one or more security questions that enable IdentityIQ to verify their identity. After a user successfully answers the security questions, the user is prompted for a new password. The pass-through application is then updated with that new password.

Pass-Through Authentication Requirements

Though the setup of pass-through authentication is not the focus of this document, there are a few configurations that are required for Pass-Through Authentication to work. If these configurations are not properly completed, authentication features related to Pass-Through Authentication can be prevented from working.

The Authentication Search Attributes field for the application must contain the names of the application account schema attribute(s) that contain the Username entered during sign-on. This field tells IdentityIQ which application fields to search to locate the matching application account. One or more attribute names can be specified in this field.

See:

• Defining the Security Questions

• Configuring the Security Question Settings

• Security Questions Tab

• Recording Security Answers