End user login

10Duke Enterprise comes with everything that you need for end user login, and in most cases, no implementation work is needed.

The 10Duke Login Application component provides a web-based login page, and profile pages where end users can manage their password and personal profile information and enable two-factor authentication (2FA). Users can also create their own account and self-register to an application you offer.

Depending on your 10Duke Enterprise configuration, the user may be automatically logged out if they have been idle on the profile page for a configurable period of time (30 minutes by default). If you’re using single logout (SLO), a logout from the profile page also starts a single logout process from other client applications. See more on implementing SLO in your OIDC and SAML client applications.

You can customize the look and feel of the Login Application to suit your branding. If necessary, you can also implement your own UI layer on top of it in your application.

There are some use cases where you wouldn’t use the 10Duke Login Application. The most common ones are the following:

  • You (the vendor) are using your own external identity provider (a “customer identity provider”), and all authentication requests are directed to this provider.

    See how to define the connection in SysAdmin and at the external identity provider’s end.

  • You need to make bigger changes to the login UI than what the Login Application customization allows.

    In this case, you can implement your own custom Login Application. This custom application can either replace or work in parallel with the 10Duke Login Application.

  • You may want to implement user registration or user profile management (or both) on top of the 10Duke Identity Management REST API, in which case you would not use these particular features in the 10Duke Login Application.

For support on custom implementations, contact the 10Duke Integration Support team.