All Products
Search

This Product

    Identity as a Service:General logon page

    Document Center

    Identity as a Service:General logon page

    Last Updated:Feb 24, 2026

    IDaaS provides a general logon page that allows end users to use their IDaaS accounts to log on to the CloudSSO user portal or directly to connected applications.

    Note

    Each IDaaS instance has a different logon page address, which you can find in the Quick Start, Accounts, and Logon menus.

    Logon flow

    image.png

    The following table describes the three key steps in the preceding figure:

    Special step

    Step name

    Description

    1

    Multi-factor authentication

    This is limited to the password-based logon method. For more information, see Multi-factor authentication.

    2

    Forced password change

    The forced password change feature is not yet available. Please stay tuned.

    3

    Select application account

    This applies only to the logon scenario in a service provider (SP)-initiated single sign-on (SSO) flow. After you log on, you need to select an application identity to initiate SSO.

    Logon page

    image.png

    Note

    Multi-factor authentication page

    For more information, see Multi-factor authentication.

    Select application account

    When you use the same IDaaS account to access the same application, you may need to assume multiple different identities. You can achieve this by adding multiple application accounts. For more information, see SAML application account configuration.

    During SP-initiated single sign-on for an application, if the logged-on IDaaS account has multiple application accounts, you are prompted to select one to access the application.

    image.png

    Logon exceptions

    Scenario

    Applicable feature

    Exception description

    CAPTCHA

    Applies only to logon with a username and password.

    In the same browser, after a logon fails once, all subsequent logon attempts with a username and password require CAPTCHA until a logon is successful.

    Account locking

    Applies only to logon with a username and password.

    An account is locked if 10 consecutive logon attempts fail within 5 minutes.

    If an account has multiple logon identities (for example, using a username and a mobile number for logon alternatively), the number of failed attempts is accumulated across all identities.​

    You can unlock the account in the following ways:

    • Wait for 5 minutes. The account is automatically unlocked.

    • An administrator unlocks the account in the Accounts menu.

    • The account is automatically unlocked after the user completes the forgot password flow. (This feature is not supported yet.)

    Text message/Email

    verification code limits

    This is applicable to flows such as logon, multi-factor authentication, and password reset.

    • A verification code can be sent once every 60 seconds. The timers for text messages and emails are separate.

    • You can try to enter the same verification code up to three times. If all three attempts fail, the verification code becomes invalid. You must obtain a new verification code.