You're viewing documentation for release 6 (LTS). Looking for a different release?

Deployment configurations

This article documents what information the 10Duke Integration Support team needs for your 10Duke Enterprise deployment and for the setup of production and non-production (such as staging and development) environments.

See also information on the localization, look and feel customization and feature configuration of 10Duke Login Application, 10Duke My Licenses, 10Duke OrgAdmin, and 10Duke Portal.

Confirm URLs for environments

Confirm the URLs you want to use for your 10Duke Enterprise environments. For example, for the production environment, it’s best practice to use a subdomain, such as id.customerdomain.com or licensing.customerdomain.com.

Confirm AWS region

10Duke Enterprise is deployed and hosted as a single-tenant environment in Amazon Web Services (AWS). The 10Duke Integration Support team will ask you to confirm which AWS region should be used for the production deployment.

Confirm DNS subdomain authority

Several Domain Name System (DNS) records must be added for the subdomains that you want to use for the environments.

10Duke offers two options:

  • 10Duke controls the DNS for the subdomains.

    After an initial DNS configuration done by you (adding a few DNS records), the 10Duke Integration Support team can add the necessary records when needed.

    As an exception, if you want emails to originate from outside the subdomain, you need to add email-related records yourself.

    We recommend this option because it reduces the need for back-and-forth communication after the setup has been done.

  • You control the DNS for the subdomains.

    The 10Duke Integration Support team contacts you whenever DNS records need to be added. This will be once or twice per deployed environment and once for the e-mail configuration.

    At least the following DNS additions must be done for each deployed environment:

    • Add the service DNS CNAME for the deployment stack.

    • Add the AWS Certificate Manager (ACM) DNS CNAME for the HTTPS certificate validation.

    In addition, four more records may need to be added for Amazon Simple Email Service (SES) email sending Domain Keys Identified Mail (DKIM) and Sender Policy Framework (SPF). See more on SES email sending below.

Configure email sending

10Duke Enterprise can be configured to send emails on your company’s behalf related to the following features:

  • Inviting new users to the system

  • Inviting new and existing users and device clients to organizations (user groups and device client groups)

  • Verifying users’ email addresses

  • Prompting users to set a password (for example, after user account creation or import), and confirming the account activation was completed

  • Resetting users’ forgotten passwords

  • Informing users by email about:

    • a password change

    • the two-factor authentication (2FA) being activated or deactivated for their user account

    • the passkey being activated or deactivated for their user account

Emails can be sent to whichever email addresses users choose to use for their user accounts in the system.

Available email templates

10Duke Enterprise uses the following email templates for different use cases.

User account activation and verification

These templates are used for helping users activate and verify their accounts.

  • General email verification: a standard verification email for email address confirmation.

  • Account activation prompt: sent when a new user needs to activate their account.

  • Account activation confirmation: sent after a user successfully activated their account.

  • Recovery email verification: Sent to verify a recovery email address, used for password or account recovery.

Invitations

These templates are used when inviting users and device clients.

  • Invitation to new user to create account: sent to invite a new user to create an account.

  • Reminder invitation to new user to create account: sent to remind a new user about an open invitation to create an account.

  • Invitation to new user to join organization: sent to invite a new user to an organization.

  • Invitation to existing user to join organization: sent to invite an existing user to an organization.

  • Invitation to device client to connect to organization’s device client group: sent to invite a new or existing device client to connect to an organization’s device client group.

Credentials and security management

These templates inform users about changes to their credentials’ status:

  • Password changed confirmation: sent after a user successfully changed their password.

  • Reset forgotten password: sent when a user requested to reset their password. This email contains the required verification code, which must be used to complete the password change.

  • Reset forgotten password confirmation: sent after a user successfully reset their password.

  • Two-factor authentication (2FA) activation confirmation: sent after a user successfully activated 2FA for their account.

  • Two-factor authentication (2FA) deactivation confirmation: sent after a user successfully deactivated 2FA for their account.

  • Passkey activation confirmation: sent after a user successfully activated a passkey for their account.

  • Passkey de activation confirmation: sent after a user successfully deactivated a passkey for their account.

Setup options

There are two options for how your email sending can be set up:

  • Through your email service provider

    This option requires support for Simple Mail Transfer Protocol Secure (SMTPS). Provide the 10Duke Integration Support team with an SMTP username and password, and the host and port for 10Duke Enterprise to use.

    The emails are sent from an address such as no_reply@yourdomain.com or some other domain that you control. The originating address can be the same for all your environments.

    Bounces, complaints, deliveries, and so on go through your normal IT process. No additional DNS configuration is needed.

  • Using Amazon Simple Email Service (SES)

    The 10Duke Integration Support team activates the service for you. Provide them with one or more email addresses where email bounces and complaints are delivered. You need to monitor these in case customers are having trouble receiving emails from the service.

    If it’s agreed that 10Duke controls the DNS for the licensing service, there are two sub-options:

    • If you want the emails to originate from yourdomain.com or some other domain you control, you need to add a few DNS records to prove these are legitimate emails from your domain and that the AWS account can be used for your emails. (This is the case if 10Duke doesn’t control the DNS.)

      When possible, we recommend using this option. It’s usually easier to resolve possible problems when the owner of the addresses is responsible for the delivery.

    • If you want the emails to originate from licencing.yourdomain.com (and it’s controlled by 10Duke), the 10Duke Integration Support team can add the required records for you.

Customize the email content and appearance

To ensure sending emails with consistent content and appearance to the users, 10Duke Enterprise uses email templates that can be customized based on your requirements.

The 10Duke default email templates are intentionally minimalist (for example, plain dark text paragraphs on a light background, clean structure, and simple, high-visibility call-to-action buttons). While we support stylistic and content changes to align with your brand, extensive structural or style modifications are discouraged to ensure cost-effective maintenance of your email setup. We recommend focusing customizations on your brand alignment, such as the primary brand color, logo, and font.

All emails follow the same re-usable structure, in order:

  • Header

  • Content

  • Signature

  • Footer

This makes sure a uniform appearance is used across all emails.

Customizations can be, for example, made to:

  • The style settings, such as colors, fonts, and a logo, to make the emails match with your branding guidelines.

  • The content of the header. The header is included in all emails as the topmost element. By default, the header includes a placeholder for a logo.

  • The content of the email. The content for each use case that an email is sent for can be customized and localized.

  • The content of the signature (optional). By default, the signature is included in all emails as the last element after the content part, and includes only a salutation text.

  • The content of the footer. The footer is included in all emails as the bottommost element. By default, the footer includes a placeholder for the brand name text.

Contact the 10Duke Integration Support team about the customizations you need.

Supported characters in email addresses

The following characters are supported in email addresses before the @ sign:

  • Uppercase and lowercase letters A-Z and a-z

  • Digits 0-9

  • Special characters .!#$%&'*+=?^_`{|}~-

Note especially that in names such as “O’Leary”, an apostrophe ' and a grave accent ` are allowed characters, but single quotation marks and are not allowed.

On this page