Creating an identity store

  1. Navigate to Identities > Identity stores.
  2. Select +Create identity store.
  3. The Create identity store page will open.
    You can configure the initial settings of the identity store, such as adding the name, identifier support, and password policy.
  4. Once you’ve completed the initial settings, you can save your changes to create the identity store.

📘

The Account attributes tab becomes active after saving the identity store. You can open identifiers and attributes to manage their required status and visibility, and you can also add new attributes.

Settings

Identity store name: This setting is mandatory. You can add the name of the identity store here. Each identity store has to have a unique name in the Admin Console.

Description: You can add a description that will appear in the identity store listing.

Policy tag: Policy tags allow you to label your identity stores with custom tags. This feature helps you categorize and organize resources for easier management and search.

General settings

Password quality policy: This setting is mandatory. You can select the password quality policy that will determine the password characteristics across the identity store.

Account event retention period: The setting shows the retention period for account event data. By default, it is set to the last 30 days and can’t be changed from the UI.

📘

You can contact Strivacity’s customer success team to request a longer retention period.

Enable self-service organization registration: You can allow self-service organization creation across the identity store. If enabled, any admin with adequate access rights can create organizations via the organization management portal.

Connect to Strivacity Directory Connector: You can delegate authentication and synchronize attributes from a remote on-premises store. Enabling this option generates a key and secret for the Directory Connector, an on-premises component that talks to local resources and communicates with Strivacity.

Synchronization options

If the Directory Connector is enabled, Synchronization options lets you configure how Strivacity handles password storage and access from the remote directory.

Password synchronization modes:

  • Do not store passwords locally: Authenticate customers by verifying passwords directly with the remote directory. No passwords are saved locally.
  • Cache passwords locally for backup access: Save passwords locally as a backup. If the remote directory is unavailable, the cached passwords will be used for authentication.

Sync password changes from accounts in the local directory to the remote directory account: Updates passwords in the remote directory whenever they are changed in the local identity store.

🚧

Password changes for synced accounts

If an account is synced from an external directory, local password changes are only allowed when both of the following conditions are met:

  • The Connector is enabled.
  • Password synchronization is enabled. (Password caching alone does not allow changes.)

If the Connector is disabled or synchronization is not enabled, attempts to change the password will result in an error.

Non-synced local accounts are not affected by these settings.

Lifecycle event hooks

You can add an ‘After password change’ event hook directly to the identity store to keep customer password information up-to-date in external identity stores.

📘

You can create and deploy event hooks in Lifecycle event hooks.