Access to the SecureLogin Advanced Edition web console and REST APIs is limited to the admin user specified in the Helm chart.
The following are possible configuration options:
A single admin user name and password configured while deploying Advanced Edition.
The access token timeout and a unique encryption secret. This also allows the administrative API to be shared across the pods.
When a user tries to access the web console and provides valid credentials, the system returns a JWT token and access is granted. This token is encrypted using the JWT token secret. You can configure this secret and the expiration time of the token in SecureLogin-Server-x.x.x.x\values.yaml.
For information about how to change the expiration time, see Modifying the Life Span of a JWT Token in the SecureLogin 9 Advanced Edition Installation and Configuration Guide.
To secure the web console access, consider the following best practices for the JWT token secret:
The value must contain alphanumeric characters and symbols.
The length must be 64 characters.
The value must be changed while setting up the server for the first time and must be changed periodically later.
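One way to produce and check a value that meets these recommendations (an added example, not part of the product or its documentation). The symbol set, the function names, and the stricter requirement of both letters and digits are assumptions made here.

```python
import secrets
import string

REQUIRED_LENGTH = 64  # length recommended above
# Assumption: symbols that are safe inside a single-quoted YAML string
# (no single quote, backslash or whitespace). Adjust to local policy.
SYMBOLS = "!#$%&()*+,-.:;<=>?@[]^_{|}~"
ALPHABET = string.ascii_letters + string.digits + SYMBOLS


def policy_violations(secret: str) -> list[str]:
    """Return the recommendations that `secret` fails; empty list means it passes."""
    problems = []
    if len(secret) != REQUIRED_LENGTH:
        problems.append(f"length is {len(secret)}, expected {REQUIRED_LENGTH}")
    # Assumption: "alphanumeric" is read strictly as letters AND digits.
    if not any(c in string.ascii_letters for c in secret):
        problems.append("no letters")
    if not any(c in string.digits for c in secret):
        problems.append("no digits")
    if not any(c in SYMBOLS for c in secret):
        problems.append("no symbols")
    # Added check (not from the page): reject characters that could need
    # escaping when the value is pasted into values.yaml.
    if any(c not in ALPHABET for c in secret):
        problems.append("contains characters outside the allowed set")
    return problems


def generate_secret() -> str:
    """Draw from the OS CSPRNG until every character class is present."""
    while True:
        candidate = "".join(
            secrets.choice(ALPHABET) for _ in range(REQUIRED_LENGTH)
        )
        if not policy_violations(candidate):
            return candidate


if __name__ == "__main__":
    # Prints one compliant value to paste into values.yaml.
    print(generate_secret())
```

Run `policy_violations` against the value currently in values.yaml before each periodic change to confirm that a default or shortened secret has not crept back in.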
Open SecureLogin-Server-x.x.x.x\values.yaml.
Change the value of secret in the JWTToken section.
Perform a helm install or upgrade using the following command:
To install:
helm install <name-of-the-release> <name-of-the-helm-chart> -n <name-of-the-namespace>
For example, helm install slserver001 server -n nsl-namespace
To upgrade:
helm upgrade <release-name> server -n <name-of-the-namespace>
For example, helm upgrade slserver server -n my-ingress