11.2.1.2 The "Authentication" Tab
A client's user must authenticate when logging on to SwyxServer. Basically, the following authentication types are available:
You can define for each user which of the three authentication types he is allowed to use.
When logging in, the user is offered two authentication types; even if one or even all of them are not allowed for the user:
- Windows account- or Composite authentication
- Name/Password authentication
Ensure that the user can authenticate using at least one of these options.
- Windows account- or Composite authentication
- Name/Password authentication
Ensure that the user can authenticate using at least one of these options.
Authentication with Windows user account
Each SwyxWare user can be assigned one or more Windows (domain)user accounts. The SwyxWare user must be logged in using one of these Windows user accounts to be able to use SwyxIt! to place calls. You can add a Windows user by clicking on "Add…" and then making a selection from the list displayed. You can remove a Windows user account from the list by highlighting it and then clicking on "Remove".
When a user logs in using a Windows user account, the user and SwyxServer need to be within the same domain.
For the telephony clients within SwyxWare for DataCenter andSwyxON, who are typically not in a domain with the SwyxServer, this authentication is then not possible.
Federated authentication via identity provider
If your organization uses identity provider services, you can use federated authentication instead of Windows authentication (federated authentication with OAuth 2.0 and OpenID Connect) .
If you enable an identity provider configuration, SwyxServer will offer federated authentication for selection instead of authentication via the Windows user account.
Disable all identity provider configurations to reuse Windows authentication.
Disable all identity provider configurations to reuse Windows authentication.
Authentication with user name and password
If necessary, enter a user name and password with which a user can log in to SwyxWare Administration and the clients.
The user name must correspond to the UPN format (User Principal Name): User login name +"@" + UPN suffix. You can use the domain name or an alias as the UPN suffix.
Example: john.jones@company.com
You can set the UPN suffix in the server properties, see The "Security" tab.
Users configured before V 11.25 do not use UPN.
To enable these users to log in via UPN, enter the appropriate UPN for each user.
To enable these users to log in via UPN, enter the appropriate UPN for each user.
The user name is used to create a SIP user ID.
Force complex password:
As an administrator, you can force or deactivate the use of complex passwords as a general rule for SwyxServer in server configuration (Password settings)
This rule can be configured individually for each user.
You can select among the following three options in the "force complex password" option field:
Use server default settings (<current setting>): ("Yes" or "No")The general settings on the SwyxServer apply for the user. This option is set by default.
Force complex password: "Yes"Regardless of the SwyxServer configuration, the user must set up a complex password.
The corresponding dialog window with brief instructions is shown to the user when changing the password.
Force complex password: "No"Regardless of the SwyxServer configuration, the user must set up a simple password.
Reset password:
The password reset service in Swyx Control Center offers the possibility to reset the own password or the password of a user:
By the administratorAn administrator can reset a user's password by clicking the "Reset password" button.
The user's password will be deleted and the user will not be able to log in to SwyxServer. The user's existing login session will be automatically terminated within one hour. The user will receive an email with the URL to the special Swyx Control Center dialog (SCC URL) where he has to reset his password, help.enreach.com/controlcenter/3.30/web/Swyx/en-US/#context/help/PasswordReset_$
The SCC password reset URL is valid only for 24 hours or until the user changes his password.
If the user has not changed their password after the expiration date, reset the user's password to send a new email with the URL, or send the generated SCC URL with the user token directly to the user, see help.enreach.com/controlcenter/3.30/web/Swyx/en-US/#context/help/Users-Edit-Authentication
If the user has not changed their password after the expiration date, reset the user's password to send a new email with the URL, or send the generated SCC URL with the user token directly to the user, see help.enreach.com/controlcenter/3.30/web/Swyx/en-US/#context/help/Users-Edit-Authentication
Initiated by the userThe user can click the "Forgot password" button in the login window of SwyxIt! to create a new password.
The user is redirected via the SCC URL to the special Swyx Control Center dialog where he has to reset his password, see help.enreach.com/controlcenter/3.30/web/Swyx/en-US/#context/help/PasswordReset_$
Prerequisites for resetting user passwords are the following settings of the SwyxServer and the SwyxWare user:
3. Configuration in Swyx Control Center: SCC URL, see
help.enreach.com/controlcenter/3.30/web/Swyx/en-US/#context/help/GeneralSettings-System-Login
help.enreach.com/controlcenter/3.30/web/Swyx/en-US/#context/help/GeneralSettings-System-Login
Last modified date: 01/24/2024