The plugin Loginapp >> UI Settings >> Protected Self-Service UIs configures UI components for protected self-services. These are arbitrary self-services that are only available after successful authentication (therefore the term protected).
There are two types of protected self-service UIs:
Type | Description |
|---|---|
Flow | Flow-based self-services can implement any self-service flow. The flow UI settings provide UI components for each flow configured in the REST service settings. Flow-based self-services are typically used to change data (e.g. assign or delete an authentication token, change user profile data, etc.). |
Non-flow | Non-flow-based self-services are typically used to provide information about the user without changing data. Example: display Airlock 2FA tokens of a user. |
REST services backing the protected self-service flow UIs are configured in
Loginapp >> Protected Self-Services >> Protected Self-Service Flows.
REST services backing non-flow-based self-service UIs are configured in
Loginapp >> Protected Self-Services.
For each self-service flow in the REST service configuration, a Protected Self-Service UI plugin may be configured. Selected properties are described below. Please refer to the property documentation in the Config Editor for further information and on other properties.
Property | Description |
|---|---|
Flow ID | Links the UI to a self-service flow. |
Customized Step UIs | The UI is automatically inferred from the REST service configuration. This property allows specifying custom step UIs for each step in the flow. |
Completion Target | Defines where to redirect the browser after the self-service flow has successfully completed. This may be an internal page (e.g. Airlock 2FA device list), an external URL, or a target application. To go to a target application, use the corresponding Authentication Flow Redirect (it knows about authorization and identity propagation). |
Cancellation Target | Defines where to redirect the browser if the self-service flow has been canceled. |
URLs of protected self-service flows
The URL for a self-service flow with ID <flow-id> is
<loginapp-uri>/ui/app/protected/select/flow/<flowId>
There is no generic approach to non-flow-based self-service UIs. Specific UI configuration are configured in Loginapp >> REST API Configuration >> Login REST UI >> Protected Self-Service UIs (e.g. Airlock 2FA).
URLs protected non-flow services:
<loginapp-uri>/ui/app/protected/tokens/airlock-2fa/devices
<loginapp-uri>/ui/app/protected/tokens/mtan/
The demo configuration provides many pre-configured protected self-services. The URLs can be used to try them out in the browser.
URLs protected services in the demo configuration:
<loginapp-uri>/ui/app/protected/tokens/airlock-2fa/devices<loginapp-uri>/ui/app/protected/select/flow/activate-app-device<loginapp-uri>/ui/app/protected/tokens/cronto/devices<loginapp-uri>/ui/app/protected/select/flow/cronto-activation<loginapp-uri>/ui/app/protected/select/flow/cronto-letter-order<loginapp-uri>/ui/app/protected/tokens/mtan/<loginapp-uri>/ui/app/protected/select/flow/mtan-registration<loginapp-uri>/ui/app/protected/select/flow/password-change<loginapp-uri>/ui/app/protected/select/flow/fido-registration<loginapp-uri>/ui/app/protected/select/flow/address-change<loginapp-uri>/ui/app/protected/select/flow/email-change<loginapp-uri>/ui/app/protected/select/flow/vasco-activation<loginapp-uri>/ui/app/protected/remember-me/devices<loginapp-uri>iam-show-logout-link in Change the Loginapp REST UI appearance with the UI SDK.