Messaging

Overview

The AuthControl Sentry Core can be configured to send messages for various events, to synced in user accounts. This is done by mapping and syncing user groups and destination attributes, such as email address or phone number, which exist on external LDAP based data sources.

When accounts are synced into AuthControl Sentry they can be sent an Account Creation email and an App Provision email automatically. However this requires that their mail attribute is populated and a Messaging transport has been setup prior. Users can also be set to receive an SMS containing a One Time Code for use during authentication.

The types of messages available to send are:

Message Type Purpose
Credentials Alert Alert Welcome email and PIN number
App Provision Alert Mobile App Provision
One Time Code Strings One Time Code for use during authentication
PIN expiry Alert Warning of PIN expiry
PIN change required Alert PIN change is required now or account will be locked
PIN changed Alert Notification that PIN has been changed by the user
Account locked Alert Notification that user’s account has been locked
Account unlocked Alert Notification that user’s account has been unlocked
Account inactive Alert Notification that user’s account has become inactive
Account inactive warning Alert Notification that user’s account will soon become inactive
Reset Code Alert Reset code for use during PIN reset validation process
Confirmation Code Alert Confirmation code for user portal validation processes
Password changed Alert (Non-AD) password credential has been changed by the user

All messages can be customised from the Messaging menu.

Setup email messaging

General Prerequisites

  • Previously configured repository
  • All users setup with a mail attribute in the repository
  • Users synced into groups in AuthControl Sentry

Setup the messaging transport

Select Messaging -> General, from the left hand menu. The general screen is where we map user groups and destination attributes (such as email or phone) to messaging transports. You will notice an existing messaging transport entry named ‘SMTP’. This is a pre-defined entry which is linked to the SwivelSMTP group. Let’s take a look at this now. Expand the SMTP entry:

_images/2020-05-05_14-23-55.png

You can see the following mappings:

Item Value
Destination attribute email
Strings Repository Group —NONE—
Alert repository group SwivelSMTP
Push repository group —NONE—
Voice repository group —NONE—

So by being a member of the SwivelSMTP group and having a populated email attribute synced in from the repository, you can receive email based alerts via this Messaging transport.

Hint

Each time you make a change to these settings, a repository ‘User Sync’ will be required from the User Administration screen to make the changes take effect.

We can confirm a user’s messaging transport assignment on the User Administration screen. In the left hand menu, click ‘User Administration’, select your user repository from the ‘Repository’ drop down. Then select the ‘Transport’ option from the ‘View’ drop down. The user list will update below to display the messaging transport mappings:

_images/2020-05-05_14-35-34.png

Sending out emails automatically

When an account is created, the user can be emailed with a welcome email (containing their PIN number if using a PIN based authentication method), and a Mobile App provision email to help get them setup with authentication via the AuthControl Mobile app. These automated emails are configured under the Policy -> General menu:

_images/2020-05-05_15-08-15.png
Policy Setting
Auto. set credentials on user creation Yes
Auto. send provision code Yes

Hint

If a user has already been synced in to the AuthControl Sentry database, then an attempt will already have been made to send the messages. So you will either need to manually invoke the sending of the messages or delete and purge the user accounts from AuthControl Sentry and import them again (as new users).

Email template customisation

Here is a preview of the built-in welcome (and PIN credential) email:

_images/accountcreation.png

Here is a preview of the built-in app provision email:

_images/mobileappprovision.png

You can customise the HTML of these email templates under Messaging -> SMTP in the left hand menu:

_images/2020-05-05_15-29-29.png

Hint

We recommend that you copy and paste the HTML into an editor and paste it back in once modified, rather than attempting to edit it inside the form field.

The email images reference a BASE URL which is configured under Server -> Name in the left hand menu. If you wish for email images to be retrieved from the AuthControl Sentry appliance then you must specify the FQDN of the appliance as it appears to the outside world, here:

_images/2020-05-05_15-37-02.png

Once the BASE URL is configured and access is provided from the outside world, you can upload custom email images using the ‘Upload Email Images’ left hand menu option. First click ‘Browse’ to select your custom image, then click the ‘Upload’ button. Once uploaded you can then utilise these images into your HTML email.

_images/2020-05-05_15-40-09.png