Terms of service (ToC)
Airlock IAM can be used as a central enforcement point for terms of service (ToC) before applications can be accessed.
It provides the following features:
- Definition of multiple ToC texts in multiple languages.
- Ensure user consent to ToC before granting access to applications
- Re-assure user consent after changing ToC
- Different ToCs for different applications
- Each application may ask for multiple ToCs
How it works
- For each ToC, a tag (an arbitrary string) is defined in the configuration.
Examples:
eBankingToC-2018-1
- ^
portalDisclaimer-5
- For each accepted ToC the corresponding tag is stored in the user record.
- Each target application defines whether and which ToC are relevant for access.
- If an application is accessed via IAM, all ToC tags required by the application must be present for the user. If not, the corresponding ToCs are displayed after login.
- Notice
In order to perform the check, the login application must be configured such that it is involved every time an application is accessed for the first time within a session.
Usually, this means that only the Airlock Gateway roles/credentials required for the accessed application are granted.
Further information and links
- Configuration: Use the Terms Of Services Step in the authentication (or authorization) flow of the affected applications.