[email protected]

Home Members [email protected]

Learn more about our upcoming Identity Summits

show less show more
Profile picture of anji.yalla@capitalone.com

@anji-yallacapitalone-com

active 5 years, 1 month ago
Points balance: 600 ♪
Rank: [email protected]
  • Activity
  • Profile
  • Groups 0
  • Forums
  • Personal
  • Mentions
  • Favorites
  • Groups
  • Profile picture of anji.yalla@capitalone.com

    [email protected] started the topic How to invalidate all the current user sessions at the moment? in the forum Access Management 5 years, 1 month ago

    Hi,

    Is there any OpenAM rest point or something which I can use to delete all the existing sessions for the given user (userid)?

    Note: I know that we can do by going to OpenAM console but I have a need to do it programatically on some customer’s action.

    Thanks,
    Anji.

  • Profile picture of anji.yalla@capitalone.com

    [email protected] started the topic Expiring the individual ForgeRock User password in DJ in the forum Directory Services 5 years, 2 months ago

    Hi Team,

    I have a requirement to expire the individual customer/User’s password after certain period of time. Is there any built-in/out of the box feature in DJ that I can leverage?

    E.g. I have a user SAM in my DJ and I want to expire SAM’s password in next two days or after 48 hours so that he will get failure when he try to…[Read more]

  • Profile picture of anji.yalla@capitalone.com

    [email protected] replied to the topic Change RDN from one attribute to another in the forum Directory Services 5 years, 3 months ago

    Thanks Brad. The link that you have given explains how to change the value of the RDN and doesn’t show how to change the RDN attribute itself. Can you confirm please?

    Thanks,
    Anji.

  • Profile picture of anji.yalla@capitalone.com

    [email protected] started the topic Change RDN from one attribute to another in the forum Directory Services 5 years, 3 months ago

    Hi,

    Right now we have around 15Million records in production and UID is our RDN. But we want to change the RDN from UID to some other GUID attribute. And both of these(UID and GUID) attributes exist and are already populated with the values. So we need to just flip the RDN attribute without affecting any data.

    Current: DN:…[Read more]

  • Profile picture of anji.yalla@capitalone.com

    [email protected] started the topic OpenAM AMLB cookie for stickiness in the forum Access Management 5 years, 3 months ago

    Is there a good documentation on how AMLB cookie works for stickiness?. We need to configure that on AWS ELB to maintain the stickiness. Please help.

  • Profile picture of anji.yalla@capitalone.com

    [email protected] started the topic OpenDJ Restricted password list file in the forum Directory Services 5 years, 5 months ago

    Hi, We want to maintain a file which contains the list of bad passwords that we don’t want our customers to choose. Is there a way to achieve this in OpenDJ? This is not the password history related one which is specific to customer. But this Restricted list should apply basically to all DJ users.

    Any help here will be appreciated.

    Thanks,
    Anji.

  • Profile picture of anji.yalla@capitalone.com

    [email protected] replied to the topic OpenAM Rest Endpoints for user provisioning and authentication in the forum Access Management 5 years, 5 months ago

    Thanks Simon. Yeah we thought the same for Authentication but thinking what can we do for user provisioning (/users) for create user and update user using the OpenAM Rest Endpoints.

    Thanks,
    Anji.

  • Profile picture of anji.yalla@capitalone.com

    [email protected] replied to the topic OpenAM Rest Endpoints for user provisioning and authentication in the forum Access Management 5 years, 5 months ago

    Also, I am looking at OpenAM level and not at OpenDJ level. We are not planning to use OpenAM Rest endpoints for Authentication and Provisioning and we don’t want to invoke OpenDJ directly.

  • Profile picture of anji.yalla@capitalone.com

    [email protected] replied to the topic OpenAM Rest Endpoints for user provisioning and authentication in the forum Access Management 5 years, 5 months ago

    Thank you so much Brad for the inputs. Can you please give me some clue/pointers how can we do this?

    Thanks,
    Anji.

  • Profile picture of anji.yalla@capitalone.com

    [email protected] started the topic OpenAM Rest Endpoints for user provisioning and authentication in the forum Access Management 5 years, 5 months ago

    Hello all, we are using the forgerock OpenAM Rest APIs for authentication and UserProfile management. We have a requirement to send the encrypted username and encrypted password all the way upto ForgeRock OpenAM. If we do so, is there a way to decrypt username/password before doing the authentication and before it gets stored in the OpenDJ.…[Read more]

  • Profile picture of anji.yalla@capitalone.com

    [email protected] replied to the topic Lock and Unlock user Account Manually Using REST APIs in the forum Directory Services 6 years ago

    Thanks Ludo. But we don’t want to use the OpenDJ rest API directly. We want to use the OpenAM rest API to create/read/update/delete users. Also we want to use the OpenAM Rest API for lock and unlock the user as well.

    Do you see any potential solution around this. We don’t want to change the password to unlock the user.

    Thanks,
    Anji.

  • Profile picture of anji.yalla@capitalone.com

    [email protected] started the topic Password Policy in the forum Access Management 6 years ago

    Hi, I have created the custom password policy. My requirement is to get different properties of user using REST API /json/users/<username> like “invalidattempts”, “lastlogingtimestamp”, account locked or not locked etc… Is there a way to fetch all this information using OpenAM rest endpoints for any given user in single call?

  • Profile picture of anji.yalla@capitalone.com

    [email protected] started the topic Lock and Unlock user Account Manually Using REST APIs in the forum Directory Services 6 years ago

    I am wondering that I am not able to find out any REST API to lock the user account and unlock the user Account manually using the REST APIs. I think there should be feature to be able to lock/unlock the account without really changing the password. Is this intentionally not provided or just was missed out?

    We have a use case where we need to…[Read more]

  • Profile picture of anji.yalla@capitalone.com

    [email protected] replied to the topic OpenAM Token Refresh in the forum Access Management 6 years ago

    Thanks Scott. So you say that actual token string will not be changed on refresh but it the idle time will be reset in the openAM session to keep it alive. So this means that Token(actual string I mean) will remain constant for for its life time then.

    I was reading some articles saying that it is good idea to change the token string every time it…[Read more]

  • Profile picture of anji.yalla@capitalone.com

    [email protected] started the topic Implicit Token Refresh not happening on Policy evaluation call from OpenIG PEP in the forum Access Management 6 years, 1 month ago

    We are using OpenIG policy enforcement filter for policy evaluations. I am under the impression that token would be refreshed when it is touched for policy evaluation but it seems it is not happening. Can you please let me know your thoughts on this? Is this the expected or is Forgerock going to make any changes to this behaviour?

    Thanks,
    Anji.

  • Profile picture of anji.yalla@capitalone.com

    [email protected] started the topic Implicit Token Refresh not happening on Policy evaluation call from OpenIG PEP in the forum Access Management 6 years, 1 month ago

    We are using OpenIG policy enforcement filter for policy evaluations. I am under the impression that token would be refreshed when it is touched for policy evaluation but it seems it is not happening. Can you please let me know your thoughts on this? Is this the expected or is Forgerock going to make any changes to this behaviour?

    Thanks,
    Anji.

  • Profile picture of anji.yalla@capitalone.com

    [email protected] started the topic OpenAM Token Refresh in the forum Access Management 6 years, 1 month ago

    We are using the stateful sessions. When we call the OpenAM’s token refresh Rest API, idle time is getting reflected/updated but it seems that token is not getting changed on refresh. Isn’t the token supposed to be changed when token is refreshed for its idle time in the backend?

    Is that true that in stateful world will we have the same token…[Read more]

  • Profile picture of anji.yalla@capitalone.com

    [email protected] started the topic OpenAM Token Refresh in the forum Access Management 6 years, 1 month ago

    We are using the stateful sessions. When we call the OpenAM’s token refresh Rest API, idle time is getting reflected/updated but it seems that token is not getting changed on refresh. Isn’t the token supposed to be changed when token is refreshed for its idle time in the backend?

    Is that true that in stateful world, we will have the same token…[Read more]

  • Profile picture of anji.yalla@capitalone.com

    [email protected] started the topic SSO CrossDomain with OpenIG PEP without agent in the forum Access Management 6 years, 1 month ago

    Is that a good idea to do SSO cross domain using just OpenIG Policy Enforcement Filter without any agent? If so, do we really need CORS to be enabled on openAM?

  • Profile picture of anji.yalla@capitalone.com

    [email protected] started the topic Session Upgrade Using OpenAM Rest API in the forum Access Management 6 years, 1 month ago

    Hi,

    Is there a way to upgrade the existing session token to the given authentication level using any OpenAM Rest end points? In my case, I just want to believe the client and should just change the AuthLevel without doing any real next level authentication?

    Please let me know.

    Thanks,
    Anji.

  • Load More
Profile Photo marc.mcgee Profile Photo narendra428

Search the forums

Leaderboard

The leaderboard is based on our rockin' informal points system, read about it here.

Recent blog posts

  • Using an Authentication Tree Stage to Build a Custom UI with the ForgeRock JavaScript SDK February 26, 2020
  • Identity Workflow with AM using Zeebe and Cloud Functions February 19, 2020
  • IDM: Zero Downtime Upgrade Strategy Using a Blue/Green Deployment January 23, 2020
  • DS: Zero Downtime Upgrade Strategy Using a Blue/Green Deployment January 22, 2020
  • AM and IG: Zero Downtime Upgrade Strategy Using a Blue/Green Deployment January 22, 2020
Visit our blog

Recent Topics

  • Handle exception in Node Patch Object
  • SP Initiated SSO – Unable to do sso or federation
  • Realm level access
  • How can I generate 32 bytes Random salt in js script
  • Bypass Login Page in Chain

©2022 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

  • Blog
  • Documentation
    • OpenAM / Access Management
    • OpenDJ / Directory Services
    • OpenIDM / Identity Management
    • OpenIG / Identity Gateway
    • OpenICF / Open Connector Framework
    • Intro to Identity
  • Forums
    • General Discussion
    • ForgeRock Products
      • OpenAM
      • OpenIDM
      • OpenDJ
      • OpenIG
      • OpenUMA
    • DevOps
    • Internet of Things
    • Documentation
    • Groups
  • Twitter
  • Facebook
  • Linkedin
  • Youtube

Log in with your credentials

Lost your password?

Forgot your details?

I remember my details