keycloak-scim/server_admin/topics/account.adoc

[[_account-service]]

== Account Console

{project_name} users can manage their accounts through the Account Console. Users can manage their profiles, add two-factor authentication, include identity provider acounts, and manage device activity.

[role="_additional-resources"]
.Additional resources

* The Account Console is completely themeable and internationalizable as is the case with all {project_name} user interfaces. For example, you can add attributes to the *Personal Info* page. For more details, see the link:{developerguide_link}[{developerguide_name}].

=== Accessing the Account Console

Any user can access the Account Console.

.Procedure

. Make note of the realm name and IP address for the {project_name} server where your account exists.

. In a web browser, enter a URL in this format: `<server-root>/auth/realms/{realm-name}/account`.

. Enter your login name and password.

.Account Console
image:images/account-console-intro.png[Account Console]

=== Configure ways to sign in

You can sign in to this console using basic authentication (a login name and password) or two-factor authentication. For two-factor authentication, use this procedure.

.Prerequisites

* OTP is a valid authentication mechanism for your realm.

.Procedure

. Click *Account Security* in the menu.

. Click *Signing In*.

. Click *Set Up Authenticator Application*.
+
.Signing In
image:images/account-console-signing-in.png[Signing In]

. Follow the directions that appear on the screen to use either
 https://freeotp.github.io/[FreeOTP] or https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2[Google Authenticator] on your mobile device as your OTP generator.

. Scan the QR code in the screen shot into the OTP generator on your mobile device.

. Log out and log in again.

. Respond to the prompt by entering and OTP that is provided on your mobile device.

=== Viewing device activity

You can view the devices that are logged in to your account.

.Procedure

. Click *Account Security* in the menu.
. Click *Device Activity*. 
. Log out a device if needed.

.Devices
image:images/account-console-device.png[Devices]

=== Adding an identity provider acccount

You can link your account with an <<_identity_broker, identity broker>>. This option is often used to link social provider accounts.

.Procedure

. Log into the Admin Console.

. Click *Identity Providers* in the menu.

. Click *Add provider*.

. Select a provider and complete the fields.

. Return to the Account Console.

. Click *Account Security* in the menu.

. Click *Linked Accounts*. 

The identity provider you added appears in this page.

.Linked Accounts
image:images/account-console-linked.png[Linked Accounts]

=== Accessing other applications

The *Applications* menu item shows users which applications you can access. In this case, only the Account Console is available.

.Applications
image:images/account-console-applications.png[Applications]
account service 2016-05-27 18:52:34 +00:00			`[[_account-service]]`

KEYCLOAK-16916 Documenting the new Account Console (cherry picked from commit 44ddb212d981c84046dff272f26647d20fe79268) 2021-05-07 22:06:47 +00:00			`== Account Console`
account service 2016-05-27 18:52:34 +00:00
KEYCLOAK-16916 Documenting the new Account Console (cherry picked from commit 44ddb212d981c84046dff272f26647d20fe79268) 2021-05-07 22:06:47 +00:00			`{project_name} users can manage their accounts through the Account Console. Users can manage their profiles, add two-factor authentication, include identity provider acounts, and manage device activity.`
account service 2016-05-27 18:52:34 +00:00
KEYCLOAK-16916 Documenting the new Account Console (cherry picked from commit 44ddb212d981c84046dff272f26647d20fe79268) 2021-05-07 22:06:47 +00:00			`[role="_additional-resources"]`
			`.Additional resources`
account service 2016-05-27 18:52:34 +00:00
KEYCLOAK-16916 Documenting the new Account Console (cherry picked from commit 44ddb212d981c84046dff272f26647d20fe79268) 2021-05-07 22:06:47 +00:00			`* The Account Console is completely themeable and internationalizable as is the case with all {project_name} user interfaces. For example, you can add attributes to the Personal Info page. For more details, see the link:{developerguide_link}[{developerguide_name}].`
account service 2016-05-27 18:52:34 +00:00
KEYCLOAK-16916 Documenting the new Account Console (cherry picked from commit 44ddb212d981c84046dff272f26647d20fe79268) 2021-05-07 22:06:47 +00:00			`=== Accessing the Account Console`
account service 2016-05-27 18:52:34 +00:00
KEYCLOAK-16916 Documenting the new Account Console (cherry picked from commit 44ddb212d981c84046dff272f26647d20fe79268) 2021-05-07 22:06:47 +00:00			`Any user can access the Account Console.`
account service 2016-05-27 18:52:34 +00:00
KEYCLOAK-16916 Documenting the new Account Console (cherry picked from commit 44ddb212d981c84046dff272f26647d20fe79268) 2021-05-07 22:06:47 +00:00			`.Procedure`
account service 2016-05-27 18:52:34 +00:00
KEYCLOAK-16916 Documenting the new Account Console (cherry picked from commit 44ddb212d981c84046dff272f26647d20fe79268) 2021-05-07 22:06:47 +00:00			`. Make note of the realm name and IP address for the {project_name} server where your account exists.`
account service 2016-05-27 18:52:34 +00:00
KEYCLOAK-16916 Documenting the new Account Console (cherry picked from commit 44ddb212d981c84046dff272f26647d20fe79268) 2021-05-07 22:06:47 +00:00			. In a web browser, enter a URL in this format: `<server-root>/auth/realms/{realm-name}/account`.
account service 2016-05-27 18:52:34 +00:00
KEYCLOAK-16916 Documenting the new Account Console (cherry picked from commit 44ddb212d981c84046dff272f26647d20fe79268) 2021-05-07 22:06:47 +00:00			`. Enter your login name and password.`
account service 2016-05-27 18:52:34 +00:00
KEYCLOAK-16916 Documenting the new Account Console (cherry picked from commit 44ddb212d981c84046dff272f26647d20fe79268) 2021-05-07 22:06:47 +00:00			`.Account Console`
			`image:images/account-console-intro.png[Account Console]`
account service 2016-05-27 18:52:34 +00:00
KEYCLOAK-16916 Documenting the new Account Console (cherry picked from commit 44ddb212d981c84046dff272f26647d20fe79268) 2021-05-07 22:06:47 +00:00			`=== Configure ways to sign in`
account service 2016-05-27 18:52:34 +00:00
KEYCLOAK-16916 Documenting the new Account Console (cherry picked from commit 44ddb212d981c84046dff272f26647d20fe79268) 2021-05-07 22:06:47 +00:00			`You can sign in to this console using basic authentication (a login name and password) or two-factor authentication. For two-factor authentication, use this procedure.`
account service 2016-05-27 18:52:34 +00:00
KEYCLOAK-16916 Documenting the new Account Console (cherry picked from commit 44ddb212d981c84046dff272f26647d20fe79268) 2021-05-07 22:06:47 +00:00			`.Prerequisites`

			`* OTP is a valid authentication mechanism for your realm.`

			`.Procedure`

			`. Click Account Security in the menu.`

			`. Click Signing In.`

			`. Click Set Up Authenticator Application.`
			`+`
			`.Signing In`
			`image:images/account-console-signing-in.png[Signing In]`

			`. Follow the directions that appear on the screen to use either`
			`https://freeotp.github.io/[FreeOTP] or https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2[Google Authenticator] on your mobile device as your OTP generator.`

			`. Scan the QR code in the screen shot into the OTP generator on your mobile device.`

			`. Log out and log in again.`

			`. Respond to the prompt by entering and OTP that is provided on your mobile device.`

			`=== Viewing device activity`

			`You can view the devices that are logged in to your account.`

			`.Procedure`

			`. Click Account Security in the menu.`
			`. Click Device Activity.`
			`. Log out a device if needed.`

			`.Devices`
			`image:images/account-console-device.png[Devices]`
account service 2016-05-27 18:52:34 +00:00
KEYCLOAK-16916 Documenting the new Account Console (cherry picked from commit 44ddb212d981c84046dff272f26647d20fe79268) 2021-05-07 22:06:47 +00:00			`=== Adding an identity provider acccount`
account service 2016-05-27 18:52:34 +00:00
KEYCLOAK-16916 Documenting the new Account Console (cherry picked from commit 44ddb212d981c84046dff272f26647d20fe79268) 2021-05-07 22:06:47 +00:00			`You can link your account with an <<_identity_broker, identity broker>>. This option is often used to link social provider accounts.`

			`.Procedure`

			`. Log into the Admin Console.`

			`. Click Identity Providers in the menu.`

			`. Click Add provider.`

			`. Select a provider and complete the fields.`

			`. Return to the Account Console.`

			`. Click Account Security in the menu.`

			`. Click Linked Accounts.`

			`The identity provider you added appears in this page.`

			`.Linked Accounts`
			`image:images/account-console-linked.png[Linked Accounts]`

			`=== Accessing other applications`

			`The Applications menu item shows users which applications you can access. In this case, only the Account Console is available.`

			`.Applications`
			`image:images/account-console-applications.png[Applications]`
fixed RHSSO-891 2017-03-15 14:14:32 +00:00