Configure how users authenticate to IDaaS (EIAM) — including which logon methods are available, which appears by default on PC and mobile, and how long sessions stay active.
Logon methods
IDaaS includes three built-in logon methods and supports additional methods through identity provider (IdP) configurations.
Built-in logon methods
| Logon method | Default status | Notes |
|---|---|---|
| IDaaS username password logon | Enabled | Uses the username and password stored in IDaaS. Users imported from DingTalk without a password cannot use this method. |
| IDaaS text message verification code logon | Disabled | Requires a bound mobile phone number. The SMS template can be viewed but not modified. No SMS fee is charged in the current version. |
| WebAuthn authenticator logon | — | Based on the WebAuthn protocol. Allows secure logon using a hardware authenticator. For details, see Advanced: WebAuthn secure logon. |
Add logon methods
Third-party logon methods (such as DingTalk QR code logon) are added when you configure an identity provider. When binding an IdP, select the option to enable the corresponding logon method — IDaaS automatically creates it and makes it available on the logon page.
Disable logon methods
After a logon method is disabled, it is removed from the logon page and cannot be used.
Logon configuration
The following parameters control how the IDaaS logon page behaves.