The Security section allows the administrator to configure IP and auto-lock settings.
| OPTION | DESCRIPTION |
|---|---|
| Force token public IP validation | Force session tokens to only be used from the IP address where the session was initiated. |
| Use X-Forwarded-For | Enable the usage of an X-Forwarded-For header for deployments in a high availability or load balanced environments. |
| OPTION | DESCRIPTION |
|---|---|
| Enable automatic account lock | Automatically lock user accounts after a predetermined number of successive failed login attempts. |
| Attempt count | Set the number of failed attempts users can make before having their accounts locked. |
| OPTION | DESCRIPTION |
|---|---|
| Ignore application certificate errors | Ignore TLS certificate errors for outgoing connections. The use of this option is discouraged as it could expose connections to adversary-in-the-middle attacks. |
| Enforce certificate revocation checks | Enable online revocation checks for outgoing TLS connections. |
| Certificate revocation check timeout | Set the maximum wait time (in seconds) for revocation checks. If the timeout is reached, the certificate is not considered revoked. |
Share your feedback