Authentication
The ECP authentication system is an essential component for verifying user identities. It encompasses various functionalities such as user account management, authentication, authorization, and access control. These features collectively provide a reliable, secure, and user-friendly mechanism for authenticating users within the ECP platform.
ECP offers two methods for authenticating user login: basic authentication and integration with third-party authentication using the SAML protocol.
Log in with Username and Password
Superusers can create or invite ECP admins or regular users. After these users are added, they can log in to ECP, with their email address and password.
You also have the option to check the Remember me checkbox, which enables the automatic filling of your login credentials for future logins.
Reset Password
If you forget your password, click the Forgot Password button on the login page. You'll be guided to contact your system admin or reset your password through email.
Integrate with Third-Party Authentication Systems
ECP also supports integration with SAML-based third-party authentication systems.
SAML (Security Assertion Markup Language) is an XML-based open standard protocol used for exchanging authentication and authorization data in cross-network communications. SAML aims to facilitate secure communication and enable Single-Sign-On (SSO) for user authentication across various network resources.
Configure in ECP
Log in as system admin.
Click System Settings -> General Settings -> SSO.
Click the Add SAML Service button. In the popup dialog box, set as follows:
Input a Name for the SSO configuration.
Toggle the Enabled switch to enable SSO.
Input the Login URL, which is the login address of the third-party authentication system.
[Optional] Input the Logout URL, which is the logout address of the third-party authentication system.
[Optional] Toggle the Sign Request switch to enable request signing. ECP will automatically generate a signature if enabled.
[Optional] Toggle the Force Login switch to require users to enter their username and password every time they log in through the third-party SSO.
[Optional] Toggle the Validate Signature switch to enable signature validation. Upload the public key file exported from the third-party authentication system, encrypted in Base64 format.
Click Confirm to finish the setting.