Configure an Email Message mechanism

The Email Message mechanism provides arbitrary information about a user via either email, webpage, or JSON for consumption by users or applications.

Before using the Email Message mechanism, an SMTP server connection must first be configured. For information about how to configure the SMTP server connection, see Manage server connections.

This mechanism can be used in conjunction with the Info Map mechanism. The Info Map mechanism populates some session info and potentially enriches the session further through user mapping. The Email Message mechanism then provides this information to the user via email.

For example, for a forgotten username:

If this mechanism is not used in conjunction with the Info Map mechanism, only information from the Verify Access credential will be made available.

To use values in the Verify Access credential or session information added by the Info Map mechanism, add wrapping @ signs to the attribute identifier in the same way as they are used in macros. For example, to make use of a user's credential containing the attribute firstName in the template page:

The attribute identifier is case sensitive. For example, @firstname@ cannot be used to reference the attribute firstName.

We can use the Email Message mechanism to send messages in HTML format. See HTML format for OTP email messages.

Steps

  1. Log in to the local management interface.

  2. Click AAC.

  3. Under Policy, click Authentication.

  4. Click Mechanisms.

  5. Click Email Message.

  6. Click the Properties tab.

    1. Select a property to configure.

    2. Click Modify Property.

    3. Enter the value for that property.

    4. Click OK.

  7. Take note of the properties for the mechanism.

      Email Attribute Identifier

      The name of the attribute containing the email address to be used.

      If this attribute is not set, the system always displays the template HTML page to the user.

      Default value: emailAddress

      Email Sender Value

      The value to use in the sender field of an email.

      Email Template

      The path to the template XML file to be used when sending an email to the user. Default value: /authsvc/authenticator/sessionattributeresponse/email_message.xml The default value omits the locale portion of the path, which we can see in the templates page view.

      Error Template

      The path to the template HTML file to be used when displaying an error message to the user.

      Default value: /authsvc/authenticator/sessionattributeresponse/error.html

      Server Connection
      This field defines the SMTP connection used to send the email. We can select the SMTP server from the drop-down list.

  8. Click Save.


What to do next

After we have configured the mechanism, a message that indicates the changes are not deployed will be displayed. Deploy changes when we are finished. For information, see Deploying pending changes.

After deploying the changes, we can create policies that include this mechanism. For more information, see Create an authentication policy.

Parent topic: Authentication