Platform - Feature Settings
Updated
The following article provides information on the Platform/Governance related Feature Settings and their description.
Feature Setting Name | Description |
Password History Check by Admins | When the PASSWORD_HISTORY_CHECK_BY_ADMINS_ENABLED property is enabled, the system enforces password history validation even when administrators reset user passwords. This means administrators cannot set a password that the user has previously used. When disabled, administrators can set any valid password for users without checking against the user's password history. This configuration provides flexibility in password management policies while maintaining security standards as needed by the organization. |
SAML Attributes Multiple Values | When SAML_ATTRIBUTES_MULTIPLE_VALUES_ENABLED is enabled, the system will combine multiple values from a single SAML attribute into one value using a delimiter. When disabled, only the first value of a SAML attribute is captured. For example:
This affects how SAML attribute values are processed during Single Sign-On (SSO) authentication and stored in the system. |
SSO Auto Login Disabled | When SSO_AUTO_LOGIN_DISABLED is enabled (set to true), it prevents automatic login behavior in single sign-on (SSO) scenarios. Here's how it affects the system: When enabled (true):
When disabled (false):
This property helps organizations control whether users should be required to take explicit action to log in, even in scenarios where automatic authentication would be technically possible |
TFA Remember Me IP Address Check Disabled | Controls whether TFA "Remember me" still requires the current login IP to match the user's known IPs. When DP is on, a valid cookie skips TFA from a new IP; when off, an unknown IP still forces TFA. |
User TFA Checkbox Disabled | When the USER_TFA_CHECKBOX_DISABLED property is enabled, it affects how Two-Factor Authentication (TFA) settings can be managed in the user interface:
This property works in conjunction with other TFA-related settings and is primarily used to enforce mandatory TFA usage by removing the ability to disable it through the user interface. |
Bulk Activate Send New User Mail Enabled | When the BULK_ACTIVATE_SEND_NEW_USER_MAIL_ENABLED property is enabled or disabled, it controls whether invitation emails are sent during bulk user activation: When Enabled:
When Disabled:
This property specifically affects the email behavior during bulk activation operations and doesn't impact invitation emails sent during individual user activation or when creating new active users. |
Related Article: