Loginapp REST UI configuration

This chapter provides information about the configuration of the Loginapp REST UI in addition to the Loginapp REST API.

The UI configuration can be found here: Loginapp >> UI Settings.

REST API vs. UI configuration

The Loginapp REST API configuration defines what services are available and their behavior. The Loginapp REST UI is based entirely on the REST API. The Loginapp REST UI's configuration, therefore, defines only UI-relevant and web browser-related aspects of the application.

To further illustrate the difference in what aspects are to be configured where some examples are given below.

REST API Configuration (see REST APIs provided by IAM)
Available services such as authentication flows, self-service flows, etc.
Authorization and access conditions.
Infrastructure services such as database connections, SMS providers, 2nd-factor integration, etc.
List of languages accepted by the REST API.
List of target applications/services with allowed entry URLs, required roles, and identity propagation.

UI settings (this chapter):
Defines whether the Loginapp REST UI is available or not.
Configures details on specific pages (e.g. show a forgot password link on the login page or not).
Specifies whether certain buttons (e.g. Cancel or Goto) are visible or not.
How to interpret browser URIs to extract the display language or determine the ID of the target application.
Defines where to redirect the browser to after flows are completed or have been canceled.

Basic settings

The basic settings define which types of user interfaces will be available to the end-users and configure their details.

Security Settings

Airlock IAM protects its user interface by providing a content security policy (CSP) for the browser to enforce.

Care should be taken when modifying the configuration of the CSP. Since all different versions of all browser products receive the same CSP, it must be configured to enable all browsers to act securely.

Note on configuration context extraction

Configuration context extraction is configured in the Loginapp REST API (Loginapp >> REST Settings >> Context Extractors) and not in the Loginapp REST UI.

The URLs processed during context extraction are the ones of the REST API and do not correspond to the URLs in the browser's address bar.

This imposes limitations on the usage of context extraction with the Loginapp REST UI. In particular, context extractors relying on the forward location (Location parameter) are not supported.

Further information and links

Chapter content

17.3.1.1. Authentication & Authorization UI

17.3.1.2. Configuration - User Self-Registration UI

17.3.1.3. Public self-services UIs

17.3.1.4. Protected self-service UIs

17.3.1.5. Using OAuth and OIDC with the Loginapp

17.3.1.6. Airlock Gateway (WAF) configuration for the Loginapp REST UI

17.3.1.7. Using the Loginapp REST UI with SAML