Control Panel

The table below lists all available Control Panel properties and its default values.

Access the Control Panel tab from the Application Switcher > System Console > System.

Configure the values as needed and Save.

License and Usage Description
License ID You can view and update your Platform license ID here.
Host Name The port or URL on which your Platform instance is hosted.
Edition The Platform edition. For example: Cluster Server.
Expiration Date Date of expiry for the Platform license.
Max Users Indicates the maximum number of users that can use the Platform instance.
Max Servers The maximum number of simultaneous user connections that are allowed on an instance of SQL Server.
Total Users Total number of users that are allowed to use the Platform instance. Click the Refresh icon to view updated value.
Total Servers Total number of servers that are being used by the Platform instance.

 

Usage Report Description
Reporting Date Select the month for which you want to generate the usage report.
Anonymise Tenant Select this option to keep the tenant information anonymous.
Download Downloads the system usage report as a .csv file with tenant name such as the date of tenant creation, number of users and Admin Users for each tenant.

 

From System Console > System > Control Panel > Configuration > Email define, modify or view the below properties.

Email Property Description
Host Name Selects the mailing option to be provided at instance level:
  • SMTP: Provide a valid SMTP host name, for example, smtp.gmail.com, to select SMTP as the default mailing option.
  • Exchange: A value of Exchange selects Exchange as the default mailing option.
  • Gmail: A value of Gmail selects Gmail as the default mailing option.

Default: Null

SMTP > Port Number The port used to access the mail server. This property is only valid for SMTP. The value will be ignored for Exchange and Gmail.

Default: 25

SMTP > Encryption Specifies the use of SSL or TLS encryption to access mail server. This property is only valid for SMTP. The value will be ignored for Exchange and Gmail. You can set this property to:
  • true or 1: If your mail server uses Secure Socket Layer (SSL) encryption.
  • false or 0: If your mail server uses no encryption.
  • 2: If your mail server uses Transport Layer Security (TLS) encryption.

Default: false or 0

User Name/ Email Address The email address used for outgoing emails. This property is only valid for SMTP and Exchange. The value will be ignored for Gmail.

Default: NullCopied from AdminEmail, which is required.

Password The password for the mail user account. This property is only valid for SMTP and Exchange. The value will be ignored for Gmail.

Default: Null

 

From System Console > System > Control Panel > Configuration > Authentication define, modify or view the below properties.

Authentication - General Properties Description
Authentication Mode When selected as Per Tenant , each tenant can configure an authentication method using the Authentication setup page. When selected as Global, all tenants share a global (Platform instance level) authentication method. Currently, Custom, KerberosSAML/ADFS and Password authentication can be configured at the instance level.
UI Authentication When configuring the instance-level authentication method, the authentication type can have valid values as Custom, SAML, Kerberos or Password.

See Configuring SAML/ADFS Authentication and Configuring Kerberos Authentication, Configuring Password Authentication for all tenants for more information.

API Authentication The authentication mechanism to user for login APIs. The value supported for this property depends on the authentication type:
  • Password: Password, API Token, or Custom
Enable Single User Multi Tenant This will allows the users to switch tenants. Only applies when all tenants use the same authentication mode such as Custom, KerberosSAML/ADFS or Password and when the same login name - email address pair is associated with user accounts in more than one tenant.

This option is available when Global is selected as the authentication mode.

 

Configuration > SAML/ADFS SP Configuration Description
SPKey Store File The name of the keystore for SAML/ADFS authentication.

Default: Null

SPKey Store Password The keystore password.

Default: Null

SPKey Store Alias The keystore alias.

Default: Null

Assertion Consumer Index The index of the URLs to be used in the SP metadata. In general, multiple URLs are not supported by most of the IdPs, so you can set this to the default of 0.

Default: 0

SP Metadata File The name of the SP metadata file. Select the needed file.

Default: Null

Issuer (IDP/ADFS Entity ID) The entity ID of the Identity Provider. This is the value of the entityID attribute of the EntityDescriptor element in the IdP metadata file.

Default: Null

Identity Provider/ADFS Metadata The IdPmetadata file name.

Default: Null

Service provider/Relying Party Entity ID The entity ID of the service provider.This is the value of the entityID attribute of the EntityDescriptor element in the SP metadata file.

Default: Null

Identity Provider Logout URL A custom URL that can be configured by the SAML/ADFS master administrator to redirect the user after logout.

Default: Null

Authentication Context Comparison Type

A comparison attribute on the AuthnContext request parameter to indicate how an authentication context should be evaluated. The authentication context will be evaluated based on the relative strengths of the authentication context classes specified in the AuthnContext request and the authentication methods offered by an IdP.

The four available comparison values are - better, exact, maximum, and minimum. If no value is specified, it will default to minimum .

See setAuthentication and getAuthentication for more information.

Default: minimum

Request Signature Method A signature method alogorithm to be used to sign the request being sent to the IDP. You can select RSA-SHA1 or RSA-SHA256. The default value is RSA-SHA1.
Enable Just-In-Time for SAML

When enabled, new application accounts are created on the fly by utilizing SAML assertions, thus eliminating manual account creations for every new user. With Just-In-Time enabled, the new user accounts are created dynamically by the first time users themselves upon the SAML based Platform SSO portal. See Just-in-Time Provisioning, for more information.

Validate User Fields on creation

If enabled, field format, mandatory fields and unique fields are validated on record creation for all the user fields including the below mentioned mandatory fields.

If disabled (not recommended) and if any of the below mentioned mandatory fields are missing, an error is prompted without any field validations taking place. However, editing the record in the UI validates the data in any subsequent edit.

The below listed mandatory fields are required by a user object while creating a record:

Login Type Mandatory Fields
Any regular SAML login (Per tenant, Portal, Global) loginName
JIT-Enabled SAML login (Per tenant, Portal) loginName, email, role
JIT-Enabled Global SAML Login loginName, email, role, custId
Attribute Map Mapping of the attributes in the form integration name in Platform=attribute name sent from IdP. The Platform attribute loginName is required. At least, two mapped attributes are required.

Default: Null

 

Custom Authentication Description
Custom Authentication Determines the restrictions based on the implementation of the custom authentication method.

Default: null

 

Kerberos Configuration Description
Kerberos UserName Enable KerberosUsername=<AD account password> (used for authentication). Enter the Kerberos User Name.

Default: Null

Kerberos Password The Platform server should be part of the Active Directory domain. Enable KerberosPassword=<AD account password> (used for authentication). Enter the Kerberos password.

Default: Null

Kerberos Domain Name Set KerberosDomainName=<Windows Domain Name>

Default: Null

Kerberos Domain Controller Set KerberosDomainController=<Domain Controller> (the Kerberos Ticket Issuing Server).

Default: Null

JAAS Configuration Configure different login modules for the Platform application without changing any code.
Kerberos Debug Select the checkbox as needed.

Default: false

 

Password Configuration Description
Security Level The built-in security level to implement. Specify Low, Medium, or High. For more information about the build-in security levels, see Built-in security levels.
Expiration Policy The number of days before a password expires. When a user's password expires, Infinite Blue Platform will prompt the user to enter a new password during the next login attempt. Leave this field blank to disable the password expiration policy. You can configure a Password expiration email notification to alert users that their passwords are going to expire.
Password History Click to enable password history. This will help store the previously used passwords and disallows recent passwords during password management.

Select the number of previously used passwords to be stored in the Passwords remembered.

Passwords remembered Number of old passwords to be stored.
Use Knowledge Factor Token Enable this to add Knowledge Factor to the account activation/password reset flow. The knowledge factor, in a security context, is a category of authentication credentials consisting of information that the user possesses, such as a personal identification number (PIN), a user name, a password or the answer to a secret question. Only Email Address field from the User object definition can be configured as the token field.
Password context validation time Sets the expiry time of the URL sent for user activation/password reset.

 

From System Console > System > Control Panel > Configuration > Users define, modify or view the below properties.

User Configuration Description
Sync Syncs the selected user records in the list.
Sync All Syncs all the user records in the list.
Edit Edit the user record's login name and email field values.
Delete This action is only applicable when the user record is not available in any tenant.

 

From System Console > System > Control Panel > Configuration > Google Integration define, modify or view the below properties.

Google Integration Property Description
Client Id The client ID required for accessing enabled Google applications. See Enabling Google Apps for Platform Private Cloud for information about obtaining the client ID. You can set this to true or false.

Default: None

Client Secret Key The secret key required for accessing enabled Google applications. See Enabling Google Apps for Platform Private Cloud for information about obtaining the secret key. You can set this to true or false.

Default: None

Application Name Google Application name to access Google Calendar and Docs (Spreadsheets), preferably have the format [company-id]-[app-name]-[app-version]

Default: {!SystemName}- {!SystemName}-1

Scopes Google Scopes list down the endpoints needed to request access to Google APIs

Any changes to this property requires a Platform restart.

Default:

https://www.googleapis.com/auth/calendar,

https://www.googleapis.com/auth/drive,

https://mail.google.com/,

https://www.googleapis.com/auth/userinfo.email,

https://www.googleapis.com/auth/userinfo.profile

From System Console > System > Control Panel > Configuration > GIT Integration define, modify or view the below properties.

Infinite Blue Platform administrators can integrate with GIT using the SSH Protocol and public key authentication.

GIT Property Description
SSH URL

A GIT SSH URL which provide access to a Git repository using a secure SSH protocol.

Example: git@github.com:user/repo.git

Branch

Currently, this field is non-editable and is set to main. The default branch of any GIT repository to push the changes in the instance level.

Default: main

SSH Passphrase

An optional encryption key similar to a password which enacts as an extra layer of security to the SSH Private key.

For more information, see Connecting to GitHub with SSH.

SSHPrivate Key

A user private key which is stored in the computer to use the GIT services.

Note: Currently, RSA type SSH Private Key is only supported.

 

From System Console > System > Control Panel > Configuration > Field Groups define, modify or view the XML as needed.

Note:

If you create or update any field group, you may need to update language resource files. Updated language resource files will have effect after server restart. Experienced Private Cloud administrators can add their own object attributes here.

Field Group Property Description
groupName The table or group name for a group of fields. You can modify or edit this in the Field Groups XML.
columnName The column name for a group of records. You can modify or edit this in the Field Groups XML.
fieldName The field name. You can modify or edit this in the Field Groups XML.

 

From System Console > System> Control Panel > Configuration > List Items define, modify or view the XML as needed.

Note:

This section contains a list of shared pick list Items (countries, states, etc.) to be added to each tenant during customer creation. You can modify this file.

From System Console > System > Control Panel > Configuration > Legacy Objects view the XML as needed.

Note:

We recommend that you do not modify this file.

From System Console > System > Control Panel > Configuration > Security Level define, modify or view the XML as needed.

Note:

You can modify this file and change the default levels or add more levels according to your security needs.

From System Console > System > Control Panel > Configuration > Service Level define, modify or view the license levels in the XML as needed.

Note:

You can modify this file to change default levels or to add more levels according to your business needs.

From System Console > System > Control Panel > Configuration > Default Cards define, modify or view the in the XML as needed.

Note:

You can modify this file to change default cards that renders in tablets and phones. Card Template content should be HTML encoded.