Configure E-mail Notifications for Self-Service User Account Changes

Document created by RSA Information Design and Development Employee on Jun 13, 2017Last modified by RSA Information Design and Development Employee on Jul 27, 2020
Version 15Show Document
  • View in full screen mode

To improve the security of Self-Service accounts, you can configure Self-Service to send e-mail notifications to users when selected events occur.

You can enable the following Self-Service events to send e-mail notifications:

  • Profile changes

  • Password changes (RSA or LDAP passwords only when changed by the user through the Self-Service Console)

  • PIN changes and when a blocked PIN is unblocked

  • On-demand authentication delivery option changes

  • Emergency access requests

  • Token resynchronization requests

E-mail notifications to users about changes to their accounts can contain a link to the Self-Service Console on the web tier. This link enables users to go directly to the Self-Service Console where they can check their accounts.

The URL used to access the Self-Service Console varies depending on your deployment type. By default, Authentication Manager assumes that end users connect directly to the Self-Service Console installed on the primary instance. If your deployment includes a web tier where the end users connect through a load balancer or virtual host, your end users must use the appropriate URL for the Self-Service Console.

To include a link to the Self-Service Console in an e-mail notification, change the default URL in the notification to point to the virtual host or load balancer. This does not change the actual URL of the Self-Service Console, nor does it validate that the Self-Service Console is reachable through the specified URL.

In the e-mail notifications template, you can customize the field labels, message text, and add, remove, or reorder the e-mail tags. For descriptions of the e-mail tags, syntax, and default values, see E-mail Template Example for the Self-Service Console.

If the e-mail address attribute is editable and Self-Service is configured to send e-mail notifications for changes to the user’s profile or on-demand authentication delivery option, Authentication Manager sends a notification to both the old and new e-mail addresses when the e-mail address is changed.

Before you begin 

Configure the SMTP Mail Service

Procedure 

  1. In the Security Console, go to Setup > Self-Service Settings.

  2. Under Customization, click E-Mail Notifications for User Account Changes.

  3. To change the default URL for e-mail notifications for user account changes, do one of the following.

    • If you do not have a web tier. Under Configure Default Self-Service Console URL, enter the primary instance URL and port.

      The format for the URL is:

      https://hostname:7004/console-selfservice

      where:

      hostname is the fully qualified hostname of the primary instance.

    • If you have a web tier. Under Configure Default Self-Service Console URL, enter the virtual host URL and port.

      The format for the URL is:

      https://virtualhostname:port/console-selfservice

      where:

      virtual-hostname is the fully qualified hostname of the virtual host.

      port is the virtual host port.

  4. Under E-mail Notifications, select one or more events to initiate an e-mail notification to users.

  5. Under E-mail Template, edit the Subject and Body fields.

    You cannot use angle brackets (< >) in e-mail templates.

  6. Click Save.

 

 

 

You are here
Table of Contents > Self-Service > Configure E-mail Notifications for Self-Service User Account Changes

Attachments

    Outcomes