Entrust Identity as a Service™ Administrator Help
Click here to see this page in full context

Report errors or omissions

  1. Home >
  2. Manage members >
  3. Create and manage user attributes

 

Create and manage user attributes

User attributes are the information fields in a User Profile. There are two types of attributes in Identity as a Service:

System user attributes are set by Identity as a Service and can be modified but cannot be deleted. You cannot leave mandatory user attributes blank.

Custom user attributes are additional user attributes that an Identity as a Service administrator can add to a user profile. For example, an administrator can add an attribute to allow a user to access an application, such as Salesforce. You can also add custom user attributes for voice, SMS, email, WeChat, or WhatsApp delivery. For example, you can add an alternate SMS custom user attribute to allow users to select to receive an OTP on an alternate SMS device. The maximum length of a custom attribute value is 1024.

Note: All custom user attributes and some system-defined attributes can be set to mandatory or optional.

You can change the settings of some system attributes, create new user attributes, and edit existing custom user attributes. See the following options for instructions:

Edit a system user attribute setting Edit a system user attribute setting

You can configure the following system attributes to be optional or mandatory:

Email

First name

Last name

Mobile

Phone

User Principal Name

Security ID

Security ID is that it is a value that uniquely identifies users in your Microsoft Windows environment.

Note: For OTP to be available and delivered to the user, a user must have a value set for at least one of the following system attributes:
- phone
- email
- mobile

If no values are provided for all of those system attributes, then OTP can only be delivered using the Admin OTP add API.

Edit a system attribute

Click > Members > Attributes. The User Attributes List page appears.

Under System User Attributes, click the user attribute. For example, click First Name. The Edit User Attribute dialog box appears.

Check Attribute is required if you want the attribute to be mandatory.

Click Save.

Add a custom user attributeAdd a custom user attribute

Click > Members > Attributes. The User Attributes List page appears.

Under Custom User Attributes, click Add. The Add User Attribute dialog box appears.

Enter a User Attribute Name for the custom user attribute. For example, Alternate Email.

Select Attribute is required if you want the attribute to be mandatory for all users.

Select Use this attribute for OTP delivery if you want users to be able to use the attribute, for example, an alternate email address, to receive an OTP.

If you select, Use this attribute for OTP delivery, select the OTP delivery method from the drop-down list.

Click Save to create the attribute. The attribute now appears in a user profile.

Note: If the custom user attribute is mandatory or being used for OTP delivery, you must add the attribute information in the user profile. For example, if you create an alternate email for OTP delivery, you must add the email address to the user's profile to make the alternate email available for OTP. See Add users.

Edit a custom user attributeEdit a custom user attribute

Click > Members > Attributes. The Attributes List page appears.

Click the name of the custom user attribute. The Edit User Attribute dialog box appears.

Edit the User Attribute as required.

Click Save.

Delete a custom user attributeDelete a custom user attribute

Click > Members > Attributes. The Attributes List page appears.

Click for the custom user attribute that you want to delete.

Click Delete on the confirmation prompt.