Skip to main content

Identifying users

In order to log in to Bravura Security Fabric using the Front-end , users must provide an identifier. By default, this is their login ID from the first target system that you added as a source of Profile IDs.

The Front-end PROFILE ID TAG is disabled by default. When the tag is disabled, users can only identify themselves with their login ID on a target system. When the PROFILE ID TAG is enabled, users can identify themselves with their Bravura Security Fabric profile ID, or their login ID on a target system.

The identifier is searched for in the following order until a match is found:

  1. Target – the user’s account ID on the target system

  2. Profile – the profile ID for the user’s Bravura Security Fabric profile

  3. Admin – product administrator ID defined within the Manage the system (PSA) module

You can allow users to identify with a profile attribute value, such as email address, by specifying them in the AUTH IDENTITY ATTRIBUTES setting.

If more than one option is available, users select how they want to identify themselves from the identification priority list . When you add your first target system, if PROFILE ID TAG is disabled, the target is automatically added to the identification priority list. You must manually add any additional target systems.

Product administrators do not require an account ID on a target system. In this case, their credentials are stored in Bravura Security Fabric ’s internal database.

Set up the identification priority list

To set up the identification priority list:

  1. Click Manage the system > Policies > Identification priority.

    If necessary, search to narrow the list of target systems.

  2. Target system description

  3. Click Update.

You can also configure this list by entering a colon-separated list in the PSF HOST LIST variable in the Manage the system > Maintenance > System variables menu.

Identification examples

Users choose an identification target system

If the system is configured as shown below, and the PROFILE ID TAG is disabled, users are provided with a drop-down menu to choose how they want to identify themselves:

2734.png

In this case, users see the following options:

2735.png

Users choose Profile ID an identification target system

When the PROFILE ID TAG is enabled (Modules > Front-end (PSF) ) users see the following options:

2736.png

Users must use Profile ID

You may want to limit choices and just allow the user to logon with their Profile ID. You can do this by enabling the PROFILE ID TAG and removing all target system identification priorities:

2737.png

In this case, users are only asked for their Profile ID:

2738.png

See also

In this section: