The following table describes the collection properties for the Customers (User) microservice:
| S. No. | Attribute | Default Value | Description |
|---|---|---|---|
| 1 | activation_redirect_url | https://b2cdemo.skavacommerce.com/userActivation?activationParam= | This attribute specifies the user activation param redirection URL. The possible values are https://test.skavacommerce.com and https://cloud.skavacommerce.com. |
| 2 | activationparam_expiry_millisec | 86400000 | This attribute specifies the user activation param expiry time in milliseconds. The possible values are 86400000 and 172800000. |
| 3 | address_limit | 20 | This attribute specifies the user address limit. The possible values are 10, 15, and 20. |
| 4 | allow_update_email | true | This attribute specifies whether the email property is allowed to update or not. The possible values are true and false. |
| 5 | allow_update_phone | true | This attribute specifies whether the phone number property is allowed to update or not. The possible values are true and false. |
| 6 | default_locale | en_US | This attribute specifies the default locale of the collection. The locale should be mentioned in the Java standard locale format. |
| 7 | enable_user_merge | true | This attribute specifies the user account merge happens or not. The possible values are true and false. |
| 8 | google_login_keys | {“clientid”:”408819206782-uslg6b7so02jr6a78jb30ms9jss2cac1.apps.googleusercontent.com”,”clientsecret”:”1CRvU82CN2dZHvf0NUqF7svz”} | This attribute holds the client ID and client secret keys for Google login. |
| 9 | last_password_check_count | 3 | This attribute specifies the user last password checking count. The possible values are 3, 4, and 5. |
| 10 | login_attempt_expiry_millisecs | 60000 | This attribute specifies the user login attempt expiry time in milliseconds. |
| 11 | max_login_attempts | 3 | This attribute indicates the user maximum login attempt count. |
| 12 | MFA_enabled | false | This attribute specifies the multi-factor authentication (MFA) enables or not. The possible values are true and false. |
| 13 | MFA_expiry_millisecs | 300000 | This attribute specifies the expiry time (in milliseconds) for the MFA token (OTP). The possible values are 300000, 600000, and 900000. |
| 14 | MFA_recent_OTP_check_count | 3 | This attribute indicates the most recent number of OTPs, which can be validated for redundancy. The possible values are 3, 4, and 5. |
| 15 | MFA_resend_limit | 3 | This attribute indicates the maximum number of resend attempts for MFA OTP. The possible values are 3, 4, and 5. |
| 16 | MFA_retry_limit | 3 | This attribute indicates the maximum number of OTP retry attempts for MFA. The possible values are 3, 4, and 5. |
| 17 | notificationparam_expiry_millisec | 180000 | This attribute specifies the user notification param expiry time in milliseconds. The possible values are 180000, 360000, and 540000. |
| 18 | public_profile_class | com.skava.strategyimpl.DefaultPublicProfileStrategyImpl | This attribute indicates the public profile class name, which can be used to customize the public profile properties of the user. The possible value is com.skava.strategyimpl.DefaultPublicProfileStrategyImpl. |
| 19 | public_profile_searchkey | firstName,lastName,userName | This attribute indicates the public profile search key of the user profile separated by commas, such as firstName, lastName, userName. |
| 20 | reset_password_redirect_url | https://cloud-store.equinox.shop/resetPassword?resetParam= | This attribute specifies the user reset param password redirection URL. The possible values are https://test.skavacommerce.com and https://cloud.skavacommerce.com. |
| 21 | resetparam_expiry_millisec | 86400000 | This attribute specifies the user reset param expiry time in milliseconds. The possible values are 86400000 and 172800000. |
| 22 | site_url | https://b2cdemo.skavacommerce.com/ | This attribute specifies the redirection site URL for login on-behalf-of. The possible values are https://test.skavacommerce.com and https://cloud.skavacommerce.com. |
| 23 | OAuth.enabled | false | This attribute indicates whether OAuth is enabled or not. The value:
|
| 24 | OAuth.jwksURI | https://cloud.skavacommerce.com/user_metadata | This attribute gets the JWS key to validate the token from SSO. |
| 25 | OAuth.redirectURI | https://qa.skavacommerce.com/admin/foundation/signin | This attribute contains the redirect URI for authorizing the user who tries to authenticate with OAuth. |
| 26 | OAuth.authorizationScope | openid profile | This attribute indicates the authorization scope values used by OAuth clients to specify what access privileges are being requested for access tokens. |
| 27 | OAuth.authorizationAudience | Admin-User-Connection | This attribute indicates the audience who consumes the OAuth provider. |
| 28 | OAuth.userMetaDataClaim | https://cloud.skavacommerce.com/user_metadata | This attribute contains the claim to receive additional user metadata such as first name, last name, phone number, gender, and DOB from the OAuth provider. |
| 29 | OAuth.authorizationDomain | dev-n-e7v7s6.auth0.com | This attribute indicates the domain name of the OAuth provider. |
| 30 | OAuth.clientSecret | Uy4O-hmDSzUg-G-J-kBRkp8iir0mYtYUXWhM_AMkJxsqoyNMa9NqocKTkkiEBI91 | This attribute contains the client secret received from the OAuth provider. It is an optional property. If the secret manager is enabled, it should be available in the secret manager. |
| 31 | OAuth.clientId | C67OhU2ad3x93ZtbP26fFrkiBR3kuNqR | This attribute contains the client ID received from the OAuth provider. |
| 32 | LDAP.enabled | false | This attribute indicates whether LDAP is enabled or not. The value:
|
| 33 | LDAP.providerUrl | ldap://localhost:10389/dc=skava,dc=com | This attribute indicates the domain information of the LDAP provider. |
| 34 | LDAP.managerDN | uid=admin,ou=system | This attribute indicates the distinguished name of the LDAP manager. |
| 35 | LDAP.managerPassword | secret | This attribute specifies the password of the LDAP manager. |
| 36 | LDAP.userDnPattern | uid={0},ou=users,ou=system | This attribute specifies the distinguished name pattern of the LDAP user. |
| 37 | LDAP.groupSearchBase | ou=groups,ou=system | This attribute indicates the base search pattern of the LDAP groups. |
| 38 | LDAP.groupRoleAttribute | cn | This attribute indicates the attribute of the LDAP group. This value along with role prefix is mapped with the Skava roles. |
| 39 | LDAP.groupSearchFilter | (uniqueMember={0}) | This attribute indicates the search filter of the group. It is combined with the property `LDAP.groupSearchBase` to find the group information of the user. |
| 40 | LDAP.rolePrefix | ROLE_ | This attribute contains the prefix to be added with the LDAP user group attribute. This makes LDAP role names look similar to the Skava role names. |
| 41 | user_activation_method | Link | This attribute defines whether the activation method of a user is either an activation email link or mobile OTP. |
| 42 | password_expiry_days | 60 | Thia attribute specifies the number of days after which the password is expired.The value is given in days. |
| 43 | firebase_user_config | NA | This attribute holds the configuration and server property details of Firebase. |
| 44 | skipTotalCount | false | This attribute is used to skip total count using the "Search All Users" API. When this property is set to:
|
| 45 | passwordMinLength | 8 | This attribute is used to set the minimum length of the password. |
| 46 | passwordMaxLength | NA | This attribute is used to set the maximum length of the password. |
| 47 | requiredNumber | true | This attribute specifies whether the password should contain digits or not. |
| 48 | requiredUpperCase | true | This attribute specifies whether the password should contain upper-case letters or not. |
| 49 | requiredLowerCase | true | This attribute specifies whether the password should contain lower-case letters or not. |
| 50 | allowedSpecialChars | !@#$%^&*_ | This attribute specifies to set list of allowed special characters in a password. |
| 51 | allowed_identities | EMAIL,PHONENUMBER | This attribute allows a list of identities, that is, Email and Phone Number. |
| 52 | excludeProviderListForInvite | NA | List of domains that will be excluded from mail invite. |
| 53 | nextresetmail_intervaltime_millisec | 0 | Cooldown time to request reset password link in milliseconds |
| 54 | password_change_interval | -1 | User can update the password n(limit)times within given time interval. |
| 55 | password_change_limit_interval | -1 | User can update the password within the given limit. |
| 56 | zipcodeValidator | com.skava.strategyimpl.DefaultZipCodeValidatorStrategyImpl | This attribute holds the zipcode validator class. |
| 57 | allowedProviderListForInvite | This property enables you to limit user creation to specific email domains. By default, it holds no value. However, if required, you can update it with a comma-separated string of domain values. |
|
| 58 | enableBlacklistPasswordValidation | true | When this property is set to:
|
| 59 | MFA_authenticator_enabled | false | This collection property is used to enable/disable the multi-factor-based login for the business users to log in to the Infosys Equinox Admin consoles. The default value is false. |
| 60 | password_expiry_reminder_before_days | 14 | This attribute specifies the number of days an email notification reminder for password expiry needs to be sent automatically. |
Revision History
2024-09-13 | SD – Updated collection properties.
2024-03-05 | SD – Updated collection properties.
2021-12-24 | JP – Updated content for 8.13 release.
2021-01-21 | HM – Minor copyedit.
2020-10-08 | HM – Updated collection properties.
2020-01-24 | AN – Updated content for February 2020 release.
2019-07-09 | JP – Updated collection properties for the July 2019 release.
2019-05-01 | PLK – Minor copyedit.
2019-04-15 | MA – Content updated for the April 2019 release.
2019-01-21 | PLK – Page created and content uploaded.
