Access Management

I would like the Applications tab to become optional just like the Selfservice tab will be in the next release, since a lot of customers only use the selfservice tab. I know that this will take great effort, but still would really like to see this in the future!

If you apply security by design, it is logical to enforce that when creating a new user, the password must be immediately replaced.

As an administrator I want to be able to reset the password from a local user and require the user to change this password at next logon. Currently you need to reset the password for the user and then edit the user to enable the change password option. Which is an additional step when resetting passwords.

It would be helpful in troubleshooting if you can view the applied rights for a user. For example, if I edit a user in Admin > Directory. Having a tab that shows "Permissions" or "Rights" then shows the complete outline of evaluated permissions for that user based on their roles. This would help in troubleshooting why some functionality isn't working for a user.

A description value/attribute is useful for self-documenting usage and function of a group within the HelloID space. Ideally this value would be available for local groups as well. Additionally, this should also be visible in the grid view Home > Groups and be integrated into the search.

Over time, we've seen an significant decline in the use of Radius as authentication. Besides this we expect that radius will not be safe to use in the future. Therefore we decided to deprecate Radius authentication on the long term. Our first step is to disable adding any new radius servers.

I would like a feature where I could redirect users, based off of a group to use a certain identity provider. My team was setting up DUO as an identity provider to log in to helloID. I wanted to test this with just my IT department before I rolled it out to the rest of staff. I was hoping to make it live in helloID and make a policy that redirect's only people in my IT department to use DUO and everyone else to use the default active directory login method. Also a feature like this could be used for more than just testing, it could be permanent if a user wished. That would be great.

I would like a feature where I could redirect users, based off of a group to use a certain identity provider. My team was setting up DUO as an identity provider to log in to helloID. I wanted to test this with just my IT department before I rolled it out to the rest of staff. I was hoping to make it live in helloID and make a policy that redirect's only people in my IT department to use DUO and everyone else to use the default active directory login method. Also a feature like this could be used for more than just testing, it could be permanent if a user wished. That would be great.

As an administrator I would like to recieve a incident when my application secret for the Azure AD IDP configuration and/or the Azure AD Sync is about to expire. When these secrets expire users are not able to login through the Azure AD IDP anymore and/or users will not be synced anymore through the Azure AD sync. Within Azure AD currently there is no native option to notify administrators about expiring secrets. Secret information about the current application can be retrieved through the graph api with the following command: https://graph.microsoft.com/beta/applications/{applicationid}/passwordCredentials

Would like the ability for the HelloID portal to show the 'Change Password Requirements' similar to how the SSRPM portal shows it.