Configure E-mail Notifications for Self-Service User Account ChangesConfigure E-mail Notifications for Self-Service User Account Changes
To improve the security of Self-Service accounts, you can configure Self-Service to send e-mail notifications to users when selected events occur.
You can enable the following Self-Service events to send e-mail notifications:
-
Profile changes
-
Password changes (RSA or LDAP passwords only when changed by the user through the Self-Service Console)
-
PIN changes and when a blocked PIN is unblocked
-
On-demand authentication delivery option changes
-
Emergency access requests
-
Token resynchronization requests
E-mail notifications to users about changes to their accounts can contain a link to the Self-Service Console on the web tier. This link enables users to go directly to the Self-Service Console where they can check their accounts.
The URL used to access the Self-Service Console varies depending on your deployment type. By default, Authentication Manager assumes that end users connect directly to the Self-Service Console installed on the primary instance. If your deployment includes a web tier where the end users connect through a load balancer or virtual host, your end users must use the appropriate URL for the Self-Service Console.
To include a link to the Self-Service Console in an e-mail notification, change the default URL in the notification to point to the virtual host or load balancer. This does not change the actual URL of the Self-Service Console, nor does it validate that the Self-Service Console is reachable through the specified URL.
In the e-mail notifications template, you can customize the field labels, message text, and add, remove, or reorder the e-mail tags. For descriptions of the e-mail tags, syntax, and default values, see E-mail Template Example for the Self-Service Console.
If the e-mail address attribute is editable and Self-Service is configured to send e-mail notifications for changes to the user’s profile or on-demand authentication delivery option, Authentication Manager sends a notification to both the old and new e-mail addresses when the e-mail address is changed.
Before you begin
Configure the SMTP Mail Service
Procedure
-
In the Security Console, go to Setup > Self-Service Settings.
-
Under Customization, click E-Mail Notifications for User Account Changes.
-
To change the default URL for e-mail notifications for user account changes, do one of the following.
-
If you do not have a web tier. Under Configure Default Self-Service Console URL, enter the primary instance URL and port.
The format for the URL is:
https://hostname:7004/console-selfservice
where:
hostname is the fully qualified hostname of the primary instance.
-
If you have a web tier. Under Configure Default Self-Service Console URL, enter the virtual host URL and port.
The format for the URL is:
https://virtualhostname😛ort/console-selfservice
where:
virtual-hostname is the fully qualified hostname of the virtual host.
port is the virtual host port.
-
-
Under E-mail Notifications, select one or more events to initiate an e-mail notification to users.
-
Under E-mail Template, edit the Subject and Body fields.
You cannot use angle brackets (< >) in e-mail templates.
-
Click Save.
Related References