The Security section allows the administrator to configure IP and auto-lock settings.
| OPTION | DESCRIPTION |
|---|---|
| Force token public IP validation | When enabled, session tokens can only be used from the IP address where the session was initiated. |
| Use X-Forwarded-For | Enable the usage of X-Forwarded-For header for deployments in a High Availability or Load Balanced Environment. |
| OPTION | DESCRIPTION |
|---|---|
| Enabled automatic lock account | User accounts are automatically locked after a predetermined number of successive failed login attempts. |
| Attempt count | The number of failed attempts before locking down a user account. |
| OPTION | DESCRIPTION |
|---|---|
| Ignore application certificate errors | Ignore TLS certificate errors for outgoing connections. The use of this option is discouraged as it could expose connections to adversary-in-the-middle attacks. |
| Enforce certificate revocation checks | Enables online revocation checks for outgoing TLS connections. |
| Certificate revocation check timeout | The maximum wait time in seconds for revocation checks. If the timeout is reached the certificate is considered as not revoked. |
Share your feedback