Application Settings

In Login 3.0, application settings are configured and managed by the UPBOND team. Applications are registered and customized to meet specific requirements, including authentication flow, URLs, and token settings.

Basic Settings

When registering or updating an application, the UPBOND team will request the following information:

Basic Information

  • Name:

    A unique name for your application. This name will appear in logs, emails, and notifications.

  • Domain:

    The Login 3.0 tenant name associated with your application. This is assigned during tenant creation and cannot be changed. If a new domain is required, request a new tenant through the UPBOND team.

  • Client ID:

    A system-generated unique identifier for your application, required for authentication configurations. This value is non-editable.

  • Client Secret:

    A confidential string used for signing and validating tokens. The UPBOND team will securely share this with you. Ensure it is kept private to prevent unauthorized access.

  • Description:

    A brief description of the application's purpose (up to 140 characters).

Application Properties

  • Application Logo:

    URL of the application's logo (recommended size: 150x150 pixels).

  • Application Type:

    Determines the settings available for configuration:

    • Machine-to-Machine: For non-interactive apps like services or IoT devices.

    • Native App: For mobile or desktop applications.

    • Regular Web App: For server-side logic-driven web applications.

    • Single Page App: For browser-based JavaScript applications.

Application URIs

  • Application Login URI:

    The endpoint in your application that redirects to the tenant's /authorize endpoint.

  • Allowed Callback URLs:

    List of authorized redirection URLs after authentication. Avoid wildcards and localhost for production environments.

  • Allowed Logout URLs:

    URLs where users are redirected after logout.

  • Allowed Web Origins:

    URLs authorized for requests originating from web browsers.

  • Allowed Origins (CORS):

    Authorized URLs for cross-origin resource sharing (CORS) requests.

ID Token

  • ID Token Expiration:

    Specifies the token's validity period in seconds (default: 36,000 seconds or 10 hours).

  • Single Sign-On (SSO):

    Prevents redirection to external identity providers for authenticated users (if applicable).

Refresh Token Settings

  • Refresh Token Rotation:

    New tokens are issued upon reuse, invalidating old tokens. Enable or disable as needed.

  • Refresh Token Expiration:

    Configure absolute and inactivity expiration settings for tokens.

Advanced Settings

  • Application Metadata:

    Custom key-value pairs (up to 10 pairs, each 255 characters). Useful for adding contextual data to the application.

  • Device Settings:

    Parameters for iOS and Android apps.

  • OAuth Settings:

    Configure delegation requests, signing algorithms (HS256 or RS256), and grant types.

  • Grant Types:

    Specify the OAuth 2.0 grant types enabled for your application.

  • Certificates:

    Manage signing certificates used for token validation.

  • Endpoints:

    View configuration for OAuth, SAML, and WS-Fed endpoints.

Monitor Applications

Login 3.0 logs various application activities, including:

  • Successful and failed authentication attempts.

  • Administrator actions.

  • Password changes.

Log data can be exported for analysis using tools like Sumo Logic, Splunk, or Mixpanel. The UPBOND team can assist in configuring log export settings.

Remove Applications

Applications can be removed by contacting the UPBOND team. Ensure dependencies and integrations are updated before removal to avoid disruptions.

PreviousApplications in Login 3.0NextCredential Settings

Last updated

Was this helpful?