Versions Compared

Old Version 3

changes.mady.by.user Phillip Hanegan

Saved on

compared with

New Version 4

changes.mady.by.user Phillip Hanegan

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

To add an extra layer of protection to your site to help prevent potential anonymous password resets and account requests from being initiated from from automated software, your organization can register for a free Google reCAPTCHA account. Once you have an account, you can integrate it with EmpowerID as an OAuth Provider application. To do so, edit the default Google reCAPTCHA OAuth provider in EmpowerID, adding the Site Key and Secret Key associated with your reCAPTCHA account.

To get reCAPTCHA and learn more about setting it up for your domain, visit https://www.google.com/recaptcha/intro/.

Note

If you use a proxy on your EmpowerID servers or desktops, you must allow the following sites to be opened over the proxy.

Integrate Google reCAPTCHA
Warning

If you view a page that requires reCAPTCHA prior to configuration and you get a misconfiguration message, clear the browser cache before accessing the page again.

After configuration, reset IIS.

Integrate Google reCaptcha

  1. On the navbar, expand Single Sign-On > SSO Connections, and select OAuth / OPenID Connect.

  2. On the External OAuth Provider

    form that appears tab

    tab, search for Google reCAPTCHA and click the Provider link.

    Image Added


    This opens the External

    O page.
    3. From

  3. OAuth Provider Details for reCaptcha. You use this view to add your provider details.

    Image Added

  4. In the grid, click the Edit button for the Google reCAPTCHA provider.

    5. Image Removed
  5. Image Added

  6. In the General dialog that appears, do the following:

    1. Enter the Site key

    7. for your Google reCAPTCHA account

    1. in the Consumer Key field.

    2. Enter the Secret key

    8. for your Google reCAPTCHA account

    1. in the Consumer Secret field.

    2. Click Save.

    9. Image Removed
    1. Image Added

  10. From the Start menu, run iisreset.exe.

Now, when a user clicks the Forgot Password link, the Password Reset Center appears with a Google reCAPTCHA validation, as in the image below.

Image Removed

...

  1. Recycle the EmpowerID app pools to have your changes take immediate effect.

Disable Google reCAPTCHA without removing your keys

  1. From

    On the

    navigation bar

    navbar, expand 

    Resources

    Object Administration and select Workflows.

  2. On the Workflow tab,

    enter the search term "passwordreset" and in the search results, select Password Reset Center.
    Image Removed

    search for PasswordResetCenterMFA and and click the Display Name link for the workflow.

    Image Added

  3. On the Workflow Details

    page

    for the workflow that appears, expand the Request Workflow Parameters

    section

    accordion and search for

    "use

    UseCaptcha.

    "

  4. In the search results, click the Edit button for the UseCaptcha parameter, which is set to true by default.

    Image RemovedImage Added

  5. Change the Value of the parameter from true to false and click Save. Do NOT change the Name field, as EmpowerID uses this to determine which parameter to change. If you change the Name field, the parameter is ignored.

  6. From the command line, run iisreset.exe to update your site.
  7. To test the change, in your browser, replace anything in the site URL from the pound sign (#) to this: #aw/passwordresetcenter
    For example, https://sso.empowersso.com/UI/#aw/passwordresetcenter
    Or log out and on the Login page, next to Forgot your: click Password. The password reset center no longer shows the reCAPTCHA section.

    Recycle the EmpowerID app pools to have your changes take immediate effect.

Insert excerpt
IL:External Stylesheet
IL:External Stylesheet
nopaneltrue