Path to function: Preferences > Domain
This page is only visible to domain level administrators and allows the configuration of...
Automatic deletion of non-activated accounts
Accounts that have not been activated by users can be automatically deleted from one to 365 days (or never) after they are last modified; i.e. since the last change to the account rather than since the creation date. This will also act on accounts where you have used an activation email to securely reset a user's password, so a longer period is usually recommended.
Accounts deleted by this operation are not recoverable.
Account search and move
This setting controls the appearance of two functions for your organisation administrators.
- Searching 'any administrator' on the advanced search page searches across all organisations in your domain irrespective of that administrator's place within it. It produces a more limited set of data only showing username, first name(s), last name and a method to contact that account's owner.
- Account move presents a list of organisations that an account can be moved to.
If you restrict this to administrator hierarchy, administrators will only be able to find accounts beneath their own organisation and any organisations that sit below them in the hierarchy, and the move option will also be limited to those organisations.
After sign out
When users are signed out of OpenAthens via https://login.openathens.net/signout they will normally be sent to the standard you-have-been-signed-out page. If you have a library portal or similar this setting will allow you to specify a different page for users to be sent to after they are signed out so that you can offer them more options. You should indicate to them on that page that they have been signed out of OpenAthens.
If you have a local connector you use for internal single-sign-on, you should not use this function to end your local session but instead choose an address where the user has a choice.
Changes are live within minutes, but users who have already visited the sign out page will not be redirected until their browser's cache expires or is cleared.
After account activation
As with sign-out, when a user activates their account they can either stop their journey at the success page, or if you specify an address here see a continue button that will take them to the page you specify.
Sign-in page customisation
Most of these features will only appear when the user is already 'discovered' - i.e. when they have selected your organisation at a resource or are using a Redirector link.
You can upload two versions of your logo. Currently they are used at the OpenAthens authentication point and our Wayfinder organisation discovery service to help users find their home organisation but they will be used in more places in the future.
- The larger logo must be at least 256 x 256 pixels and will appear in places such as title cards. It works best as a rectangle.
- The smaller logo must be at least 75 x 75 pixels and will appear in places such as lists. This works best as a square.
- Neither may be more than 2000KB.
- They may be uploaded in jpg, gif or png format. Transparent backgrounds are recommended.
To upload or replace a logo, select the large or small box.
This is limited to 160 characters of visible text. To include hyperlinked text, click the link button above the box. A dialogue will asked you for the URL (including http://, etc) and hyperlink text. This is restricted to simple links.
Connection selection box label
If you have multiple brokered logins (e.g. LDAP or Sirsi) this label will appear by the drop down list that displays them.
There is a choice of basic colours to choose from. If you need a specific colour, you can enter the hex code or name in the box. The button text is always white, so dark colours are recommended.
This appears at the very bottom of the AP and has the same options as the introductory text.
Show registration link
If you have a separate self-registration scheme, this option will be visible and if checked will show a link to it at the authentication point
Show OpenAthens sign-in link
If you are using local connections, checking this box will ensure that OpenAthens accounts will be a sign-in option where relevant - e.g. if you needed to use some OpenAthens account alongside your local login. When you select the box you will have an opportunity to change the associated text:
When you save your changes, it may take a few minutes for them to appear on the authentication point:
This will only appear at the authentication point when you have one or more 'delegated' local connectors such as ADFS, Azure, CAS or SAML set as live and visible. It will not appear if you have set one of these connectors as default.
It will not appear if you only have LDAP or Sirsi connectors as those use the same login prompt as OpenAthens accounts and it will work just fine.
It will remember the user's choice in the browser until the user either fails authentication or clears the cookie holding the choice.
Anything to watch out for?
The revert to defaults button will set absolutely everything on the page to their default values, removing logos and text too.
It is possible to set the delete non-activated accounts preference lower than the activation code expiry preference. This may cause confusion if you include the activation expiry date in your email template.