Versions Compared

Old Version 5

changes.mady.by.user Kim Landis

Saved on

compared with

New Version Current

changes.mady.by.user Kim Landis

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.


...

Style

...

import

...

https:/

...

/

...

docs.empowerid.com/docs.css
To add an extra layer of protection to your site to help prevent potential anonymous password resets and account requests from being initiated from from automated software, your organization can register for a free Google reCAPTCHA account. Once you have an account, you can integrate it with EmpowerID as an OAuth Provider application. To do so, edit the default Google reCAPTCHA OAuth provider in EmpowerID, adding the Site Key and Secret Key associated with your reCAPTCHA account.
...
To get reCAPTCHA and learn more about setting it up for your domain, visit https://www.google.com/recaptcha/intro/.

 Note
If you use a proxy on your EmpowerID servers or desktops, you must allow the following sites to be opened over the proxy.


To integrate Google reCAPTCHA with EmpowerID
...
  1. In the Navigation Sidebar of the EmpowerID Web application, expand Admin, then SSO Connections, and click OAuth.
  2. On the OAuth Service Provider tab, search for Google reCAPTCHA and click the Provider link. 
    Image Removed
    Image Added
    This opens the OAuth Service Provider Details page for Google reCAPTCHA.

  3. From the grid, click the Edit button for the Google reCAPTCHA provider.
    Image Removed
    Image Added
  4. In the General dialog that appears, do the following:
    1. Enter the Site key for your Google reCAPTCHA account in the Consumer Key field.
    2. Enter the Secret key for your Google reCAPTCHA account in the Consumer Secret field.
    3. Click Save.
      Image Removed
...
stylemargin-top: 25px;
classrelatedContent
...
    1. .

      Image Added
  2. From the Start menu, run iisreset.exe.

Now, when a user clicks the Forgot Password link, the Password Reset Center appears with a Google reCAPTCHA validation, as in the image below.

Image Added
To disable Google reCAPTCHA without removing your keys
  1. From the navigation bar, expand Resources and select Workflows.
  2. On the Workflow tab, enter the search term "passwordreset" and in the search results, select Password Reset Center.

    Image Added
  3. On the Workflow Details page that appears, expand the Request Workflow Parameters section and search for "use."
  4. In the search results, click the Edit button for the UseCaptcha parameter, which is set to true by default.

    Image Added
  5. Change the Value of the parameter from true to false

     Warning
    Do NOT change the Name field, as EmpowerID uses this to determine which parameter to change. If you change the Name field, the parameter is ignored.

  6. From the command line, run iisreset.exe to update your site.
  7. To test the change, in your browser, replace anything in the site URL from the pound sign (#) to this: #aw/passwordresetcenter

    For example, https://sso.empowersso.com/UI/#aw/passwordresetcenter

    Or log out and on the Login page, next to Forgot your: click Password. The password reset center no longer shows the reCAPTCHA section.

 Info
iconfalse
titleRelated Content