2016-05-27 18:52:34 +00:00
[[_account-service]]
2021-05-07 22:06:47 +00:00
== Account Console
2016-05-27 18:52:34 +00:00
2024-02-21 18:42:33 +00:00
{project_name} users can manage their accounts through the Account Console. They can configure their profiles, add two-factor authentication, include identity provider accounts, and oversee device activity.
2016-05-27 18:52:34 +00:00
2021-05-07 22:06:47 +00:00
[role="_additional-resources"]
.Additional resources
2016-05-27 18:52:34 +00:00
2024-02-21 18:42:33 +00:00
* The Account Console can be configured in terms of appearance and language preferences. An example is adding additional attributes to the *Personal info* page. For more information, see the {developerguide_link}[{developerguide_name}].
2016-05-27 18:52:34 +00:00
2021-05-07 22:06:47 +00:00
=== Accessing the Account Console
2016-05-27 18:52:34 +00:00
2021-05-07 22:06:47 +00:00
.Procedure
2016-05-27 18:52:34 +00:00
2021-05-07 22:06:47 +00:00
. Make note of the realm name and IP address for the {project_name} server where your account exists.
2022-07-26 15:50:24 +00:00
. In a web browser, enter a URL in this format: _server-root_{kc_realms_path}/{realm-name}/account.
2021-05-07 22:06:47 +00:00
. Enter your login name and password.
2016-05-27 18:52:34 +00:00
2021-05-07 22:06:47 +00:00
.Account Console
2022-10-05 18:43:15 +00:00
image:images/account-console-intro.png[Account Console]
2016-05-27 18:52:34 +00:00
2021-06-04 08:57:22 +00:00
=== Configuring ways to sign in
2016-05-27 18:52:34 +00:00
2021-08-23 13:22:37 +00:00
You can sign in to this console using basic authentication (a login name and password) or two-factor authentication. For two-factor authentication, use one of the following procedures.
==== Two-factor authentication with OTP
2016-05-27 18:52:34 +00:00
2021-05-07 22:06:47 +00:00
.Prerequisites
* OTP is a valid authentication mechanism for your realm.
.Procedure
2022-06-01 18:17:59 +00:00
. Click *Account security* in the menu.
. Click *Signing in*.
2024-02-21 18:42:33 +00:00
. Click *Set up Authenticator application*.
2021-05-07 22:06:47 +00:00
+
2022-06-01 18:17:59 +00:00
.Signing in
2022-10-05 18:43:15 +00:00
image:images/account-console-signing-in.png[Signing in]
2021-05-07 22:06:47 +00:00
2024-02-21 18:42:33 +00:00
. Follow the directions that appear on the screen to use your mobile device as your OTP generator.
2021-05-07 22:06:47 +00:00
. Scan the QR code in the screen shot into the OTP generator on your mobile device.
. Log out and log in again.
2021-05-10 14:52:14 +00:00
. Respond to the prompt by entering an OTP that is provided on your mobile device.
2021-05-07 22:06:47 +00:00
2021-08-23 13:22:37 +00:00
==== Two-factor authentication with WebAuthn
.Prerequisites
2022-04-25 19:09:19 +00:00
* WebAuthn is a valid two-factor authentication mechanism for your realm. Please follow the xref:webauthn_{context}[WebAuthn] section for more details.
2021-08-23 13:22:37 +00:00
.Procedure
. Click *Account Security* in the menu.
2024-02-20 02:19:30 +00:00
. Click *Signing In*.
. Click *Set up a Passkey*.
2021-08-23 13:22:37 +00:00
+
.Signing In
2024-02-20 02:19:30 +00:00
image:images/account-console-signing-in-webauthn-2factor.png[Signing in with a Passkey]
2021-08-23 13:22:37 +00:00
2024-02-20 02:19:30 +00:00
. Prepare your Passkey. How you prepare this key depends on the type of Passkey you use. For example, for a USB based Yubikey, you may need to put your key into the USB port on your laptop.
. Click *Register* to register your Passkey.
2021-08-23 13:22:37 +00:00
. Log out and log in again.
2024-02-20 02:19:30 +00:00
. Assuming authentication flow was correctly set, a message appears asking you to authenticate with your Passkey as second factor.
2021-08-23 13:22:37 +00:00
==== Passwordless authentication with WebAuthn
.Prerequisites
* WebAuthn is a valid passwordless authentication mechanism for your realm. Please follow the <<_webauthn_passwordless,Passwordless WebAuthn section>> for more details.
.Procedure
. Click *Account Security* in the menu.
. Click *Signing In*.
2024-02-20 02:19:30 +00:00
. Click *Set up a Passkey* in the *Passwordless* section.
2021-08-23 13:22:37 +00:00
+
.Signing In
2024-02-20 02:19:30 +00:00
image:images/account-console-signing-in-webauthn-passwordless.png[Signing in with a Passkey]
2021-08-23 13:22:37 +00:00
2024-02-20 02:19:30 +00:00
. Prepare your Passkey. How you prepare this key depends on the type of Passkey you use. For example, for a USB based Yubikey, you may need to put your key into the USB port on your laptop.
. Click *Register* to register your Passkey.
2021-08-23 13:22:37 +00:00
. Log out and log in again.
2024-02-20 02:19:30 +00:00
. Assuming authentication flow was correctly set, a message appears asking you to authenticate with your Passkey as second factor. You no longer need to provide your password to log in.
2021-08-23 13:22:37 +00:00
2021-05-07 22:06:47 +00:00
=== Viewing device activity
You can view the devices that are logged in to your account.
.Procedure
2022-06-01 18:17:59 +00:00
. Click *Account security* in the menu.
. Click *Device activity*.
2021-05-10 14:52:14 +00:00
. Log out a device if it looks suspicious.
2021-05-07 22:06:47 +00:00
.Devices
2022-10-05 18:43:15 +00:00
image:images/account-console-device.png[Devices]
2016-05-27 18:52:34 +00:00
2022-06-01 18:17:59 +00:00
=== Adding an identity provider account
2016-05-27 18:52:34 +00:00
2021-05-07 22:06:47 +00:00
You can link your account with an <<_identity_broker, identity broker>>. This option is often used to link social provider accounts.
.Procedure
. Log into the Admin Console.
2022-06-01 18:17:59 +00:00
. Click *Identity providers* in the menu.
2021-05-07 22:06:47 +00:00
. Select a provider and complete the fields.
. Return to the Account Console.
2022-06-01 18:17:59 +00:00
. Click *Account security* in the menu.
. Click *Linked accounts*.
2021-05-07 22:06:47 +00:00
The identity provider you added appears in this page.
.Linked Accounts
2022-10-05 18:43:15 +00:00
image:images/account-console-linked.png[Linked Accounts]
2021-05-07 22:06:47 +00:00
=== Accessing other applications
The *Applications* menu item shows users which applications you can access. In this case, only the Account Console is available.
.Applications
2022-06-01 18:17:59 +00:00
2022-10-05 18:43:15 +00:00
image:images/account-console-applications.png[Applications]
2022-09-07 09:25:42 +00:00
=== Viewing group memberships
You can view the groups you are associated with by clicking the *Groups* menu.
If you select *Direct membership* checkbox, you will see only the groups you are direct associated with.
.Prerequisites
* You need to have the *view-groups* account role for being able to view *Groups* menu.
.View group memberships
2024-02-21 18:42:33 +00:00
.View group memberships
image:images/account-console-groups.png[View group memberships]
