Control Panel

The table below lists all available Control Panel properties and its default values.

Access the Control Panel tab from the Application Switcher > System Console > System.

Configure the values as needed and Save.

License and Usage	Description
License ID	You can view and update your Platform license ID here.
Host Name	The port or URL on which your Platform instance is hosted.
Edition	The Platform edition. For example: Cluster Server.
Expiration Date	Date of expiry for the Platform license.
Max Users	Indicates the maximum number of users that can use the Platform instance.
Max Servers	The maximum number of simultaneous user connections that are allowed on an instance of SQL Server.
Total Users	Total number of users that are allowed to use the Platform instance. Click the Refresh icon to view updated value.
Total Servers	Total number of servers that are being used by the Platform instance.

Usage Report	Description
Reporting Date	Select the month for which you want to generate the usage report.
Anonymise Tenant	Select this option to keep the tenant information anonymous.
Download	Downloads the system usage report as a .csv file with tenant name such as the date of tenant creation, number of users and Admin Users for each tenant.

Master Cache	Description
Reload	By clicking on reload button all your master cache will be reset.

Global Cache	Description
Reload	By clicking on reload button all your global cache will be reset. This helps to reset the corrupted data between the cache and the persistent database, ensuring the integrity of data that has been stored.

Global Cache

Description

Reload

By clicking on reload button all your global cache will be reset.

This helps to reset the corrupted data between the cache and the persistent database, ensuring the integrity of data that has been stored.

From System Console > System > Control Panel > Configuration > Email define, modify or view the below properties.

Email Property	Description
Host Name	Selects the mailing option to be provided at instance level: SMTP: Provide a valid SMTP host name, for example, `smtp.gmail.com`, to select SMTP as the default mailing option. Exchange: A value of `Exchange` selects Exchange as the default mailing option. Exchange (OAuth): A value of `Exchange` selects Exchange with OAuth as the default mailing option. Gmail: A value of `Gmail` selects Gmail as the default mailing option. Default: `Null`
SMTP > Port Number	The port used to access the mail server. This property is only valid for SMTP. The value will be ignored for Exchange and Gmail. Default: `25`
SMTP > Encryption	Specifies the use of SSL or TLS encryption to access mail server. This property is only valid for SMTP. The value will be ignored for Exchange and Gmail. You can set this property to: `true` or `1`: If your mail server uses Secure Socket Layer (SSL) encryption. `false` or `0`: If your mail server uses no encryption. `2`: If your mail server uses Transport Layer Security (TLS) encryption. Default: `false` or `0`
User Name/ Email Address	The email address used for outgoing emails. This property is only valid for SMTP and Exchange. The value will be ignored for Gmail. Default: `Null`Copied from `AdminEmail`, which is required.
Password	The password for the mail user account. This property is only valid for SMTP and Exchange. The value will be ignored for Gmail. Default: `Null`

From System Console > System > Control Panel > Configuration > Authentication define, modify or view the below properties.

Authentication - General Properties	Description
Authentication Mode	When selected as `Per Tenant` , each tenant can configure an authentication method using the Authentication setup page. When selected as `Global`, all tenants share a global (Platform instance level) authentication method. Currently, Custom, KerberosSAML/ADFS and Password authentication can be configured at the instance level.
UI Authentication	When configuring the instance-level authentication method, the authentication type can have valid values as `Custom`, `SAML`, `Kerberos` or `Password`. See Configuring SAML/ADFS Authentication and Configuring Kerberos Authentication, Configuring Password Authentication for all tenants for more information.
API Authentication	The authentication mechanism to user for login APIs. The value supported for this property depends on the authentication type: Password: `Password`, `API Token`, or `Custom`
Enable Single User Multi Tenant	This will allows the users to switch tenants. Only applies when all tenants use the same authentication mode such as Custom, KerberosSAML/ADFS or Password and when the same login name - email address pair is associated with user accounts in more than one tenant. This option is available when Global is selected as the authentication mode.

Configuration > SAML/ADFS SP Configuration Description

SPKey Store File

The name of the keystore for SAML/ADFS authentication.

Default: Null

SPKey Store Password

The keystore password.

Default: Null

SPKey Store Alias

The keystore alias.

Default: Null

Assertion Consumer Index

The index of the URLs to be used in the SP metadata. In general, multiple URLs are not supported by most of the IdPs, so you can set this to the default of 0.

Default: 0

SP Metadata File

The name of the SP metadata file. Select the needed file.

Default: Null

Issuer (IDP/ADFS Entity ID)

The entity ID of the Identity Provider. This is the value of the entityID attribute of the EntityDescriptor element in the IdP metadata file.

Default: Null

Identity Provider/ADFS Metadata

The IdPmetadata file name.

Default: Null

Service provider/Relying Party Entity ID

The entity ID of the service provider.This is the value of the entityID attribute of the EntityDescriptor element in the SP metadata file.

Default: Null

Identity Provider Logout URL

A custom URL that can be configured by the SAML/ADFS master administrator to redirect the user after logout.

Default: Null

Authentication Context Comparison Type

A comparison attribute on the AuthnContext request parameter to indicate how an authentication context should be evaluated. The authentication context will be evaluated based on the relative strengths of the authentication context classes specified in the AuthnContext request and the authentication methods offered by an IdP.

The four available comparison values are - better, exact, maximum, and minimum. If no value is specified, it will default to minimum .

See setAuthentication and getAuthentication for more information.

Default: minimum

Request Signature Method A signature method alogorithm to be used to sign the request being sent to the IDP. You can select RSA-SHA1 or RSA-SHA256. The default value is RSA-SHA1.

Enable Just-In-Time for SAML

When enabled, new application accounts are created on the fly by utilizing SAML assertions, thus eliminating manual account creations for every new user. With Just-In-Time enabled, the new user accounts are created dynamically by the first time users themselves upon the SAML based Platform SSO portal. See Just-in-Time Provisioning, for more information.

Validate User Fields on creation

If enabled, field format, mandatory fields and unique fields are validated on record creation for all the user fields including the below mentioned mandatory fields.

If disabled (not recommended) and if any of the below mentioned mandatory fields are missing, an error is prompted without any field validations taking place. However, editing the record in the UI validates the data in any subsequent edit.

The below listed mandatory fields are required by a user object while creating a record:

Login Type	Mandatory Fields
Any regular SAML login (Per tenant, Portal, Global)	`loginName`
JIT-Enabled SAML login (Per tenant, Portal)	`loginName`, `email`, `role`
JIT-Enabled Global SAML Login	`loginName`, `email`, `role`, `custId`

Attribute Map

Mapping of the attributes in the form integration name in Platform=attribute name sent from IdP. The Platform attribute loginName is required. At least, two mapped attributes are required.

Default: Null

Custom Authentication	Description
Custom Authentication	Determines the restrictions based on the implementation of the custom authentication method. Default: `null`

Kerberos Configuration	Description
Kerberos UserName	Enable `KerberosUsername=<AD account password>` (used for authentication). Enter the Kerberos User Name. Default: `Null`
Kerberos Password	The Platform server should be part of the Active Directory domain. Enable `KerberosPassword=<AD account password>` (used for authentication). Enter the Kerberos password. Default: `Null`
Kerberos Domain Name	Set `KerberosDomainName=<Windows Domain Name>` Default: `Null`
Kerberos Domain Controller	Set `KerberosDomainController=<Domain Controller>` (the Kerberos Ticket Issuing Server). Default: `Null`
JAAS Configuration	Configure different login modules for the Platform application without changing any code.
Kerberos Debug	Select the checkbox as needed. Default: `false`

Password Configuration	Description
Security Level	The built-in security level to implement. Specify Low, Medium, or High. For more information about the build-in security levels, see Built-in security levels.
Expiration Policy	The number of days before a password expires. When a user's password expires, Infinite Blue Platform will prompt the user to enter a new password during the next login attempt. Leave this field blank to disable the password expiration policy. You can configure a Password expiration email notification to alert users that their passwords are going to expire.
Password History	Click to enable password history. This will help store the previously used passwords and disallows recent passwords during password management. Select the number of previously used passwords to be stored in the Passwords remembered.
Passwords remembered	Number of old passwords to be stored.
Use Knowledge Factor Token	Enable this to add Knowledge Factor to the account activation/password reset flow. The knowledge factor, in a security context, is a category of authentication credentials consisting of information that the user possesses, such as a personal identification number (PIN), a user name, a password or the answer to a secret question. Only Email Address field from the User object definition can be configured as the token field.
Password context validation time	Sets the expiry time of the URL sent for user activation/password reset.

From System Console > System > Control Panel > Configuration > SAML Auth Context Classes define, modify or view the XML as needed.

Note:

This section contains a list of Authentication Context Classes are bundled with Platform and is available across the instance level which can be modified.
Authentication Classes set during authentication profile creation can be later edited only within this XML file.

From System Console > System > Control Panel > Configuration > Rate Limit define, modify or view the Rate Limit Profiles as needed. See Rate Limit for more information.

From System Console > System > Control Panel > Configuration > Users define, modify or view the below properties.

User Configuration	Description
Sync	Syncs the selected user records in the list.
Sync All	Syncs all the user records in the list.
Edit	Edit the user record's `login name` and `email` field values.
Delete	This action is only applicable when the user record is not available in any tenant.

From System Console > System > Control Panel > Configuration > Google Integration define, modify or view the below properties.

Google Integration Property	Description
Client Id	The client ID required for accessing enabled Google applications. See Enabling Google Apps for Platform Private Cloud for information about obtaining the client ID. You can set this to `true` or `false`. Default: `None`
Client Secret Key	The secret key required for accessing enabled Google applications. See Enabling Google Apps for Platform Private Cloud for information about obtaining the secret key. You can set this to `true` or `false`. Default: `None`
Application Name	Google Application name to access Google Calendar and Docs (Spreadsheets), preferably have the format [company-id]-[app-name]-[app-version] Default: `{!SystemName}- {!SystemName}-1`
Scopes	Google Scopes list down the endpoints needed to request access to Google APIs Any changes to this property requires a Platform restart. Default: `https://www.googleapis.com/auth/calendar,` `https://www.googleapis.com/auth/drive,` `https://mail.google.com/,` `https://www.googleapis.com/auth/userinfo.email,` `https://www.googleapis.com/auth/userinfo.profile`

From System Console > System > Control Panel > Configuration > Microsoft Exchange Integration define, modify or view the below properties.

Microsoft Exchange Integration Property	Description
Authority	The Exchange URL as mentioned along with Directory (Tenant) ID
Client Id	The client ID required for accessing enabled Microsoft Exchange applications. See Enabling Microsoft Exchange Integration for information about obtaining the client ID. You can set this to `true` or `false`. Default: `None`
Client Secret Key	The secret key required for accessing enabled Microsoft Exchange applications. See Enabling Microsoft Exchange Integration for information about obtaining the secret key. You can set this to `true` or `false`. Default: `None`
Scopes	Microsoft Exchange Scopes list down the endpoints needed to request access to Microsoft Exchange APIs Any changes to this property requires a Platform restart. Default: `https://outlook.office.com/EWS.AccessAsUser.All`
Microsoft Exchange Version	The version of Microsoft Exchange can be chosed from the dropdown.
Microsoft Exchange EWS URL	The EWS URL for Microsoft Exchange. Default: `https://outlook.office365.com/EWS/Exchange.asmx`
Exchange Account	Attach or Detach your Microsoft Exchange account. You may need to enable required permissions on Azure application.

From System Console > System > Control Panel > Configuration > Field Groups define, modify or view the XML as needed.

Note:

If you create or update any field group, you may need to update language resource files. Updated language resource files will have effect after server restart. Experienced Private Cloud administrators can add their own object attributes here.

Field Group Property	Description
groupName	The table or group name for a group of fields. You can modify or edit this in the Field Groups XML.
columnName	The column name for a group of records. You can modify or edit this in the Field Groups XML.
fieldName	The field name. You can modify or edit this in the Field Groups XML.

From System Console > System> Control Panel > Configuration > List Items define, modify or view the XML as needed.

Note:

This section contains a list of shared pick list Items (countries, states, etc.) to be added to each tenant during customer creation. You can modify this file.

From System Console > System > Control Panel > Configuration > Legacy Objects view the XML as needed.

Note:

We recommend that you do not modify this file.

From System Console > System > Control Panel > Configuration > Security Level define, modify or view the XML as needed.

Note:

You can modify this file and change the default levels or add more levels according to your security needs.

From System Console > System > Control Panel > Configuration > Service Level define, modify or view the license levels in the XML as needed.

Note:

You can modify this file to change default levels or to add more levels according to your business needs.

From System Console > System > Control Panel > Configuration > Default Cards define, modify or view the in the XML as needed.

Note:

You can modify this file to change default cards that renders in tablets and phones. Card Template content should be HTML encoded.