HTML Form Adapter

Page title and template file name Purpose Type Action
Sign On or Choose an Account

identifier.first.template.html

Prompts a user to provide their username when an Identifier First Adapter instance is invoked to handle a sign-on request. Normal User input required
Sign On

html.form.login.template.html

Displays a customizable user sign-on form when an HTML Form Adapter instance is invoked to handle a sign-on request.

If the invoked HTML Form Adapter instance is associated with a local identity profile configured to support authentication via third-party identity providers, the sign-on page will display those identity providers.

This is a core HTML template.

Normal User input required
Change Password

html.form.change.password.template.html

Displayed when a user attempts to change their password through the HTML Form Adapter. Normal User input required
Change Password

html.form.message.template.html

Displayed when a user successfully changes their password.

This is a core HTML template.

Normal User input required
Password Expiring

html.form.password.expiring.notification.template.html

Displayed to warn an authenticated user that the password associated with the account is about to expire.

This is a core HTML template.

Normal User input required
Password Management System Message

html.form.message.template.html

Displayed when a user is redirected to a password management system to change their password.

This is a core HTML template.

Normal User input required
Account Recovery

forgot-password.html

Displayed when a user attempts to reset their password through the HTML Form Adapter.

If the user enters a username in the sign-on form, the username carries over to this form. Otherwise, the user must enter their username to begin the self-service password reset process.

Normal User input required
Account Recovery

forgot-password-resume.html

Displayed to prompt a user to enter the one-time password sent through a notification or to notify a user to refer to the notification for password reset instructions.

This template is applicable when the password reset type is Email One-Time Link, Email One-Time Password, or Text Message for the invoked HTML Form Adapter instance.

Normal User input required
Reset Your Password

forgot-password-change.html

Displayed to prompt a user to define a new password. Normal User input required
Account Recovery

forgot-password-success.html

Displayed when a user successfully resets their password. Normal User input required
Account Recovery

forgot-password-error.html

Displayed when a password reset attempt fails. Error None
Unlock Your Account

account-unlock.html

Displayed when a user successfully unlocks their account through the HTML Form Adapter.

This page also prompts the user to retain the current password, or reset it.

Normal User input required
Security Question

html.form.login.challenge.template.html

Displays a configurable challenge form for two-step authentication. For example, this template can be used to create a RADIUS challenge form when using the RADIUS Username/Password Credential Validator.

This is a core HTML template.

Normal User input required
User Consent

consent-form-template.html

Displayed when a request requires a user’s consent for an SSO to an SP. Normal User input required
Logout Confirmation

idp.slo.confirm.page.template.html

Displayed when a user initiates a logout request.

Applicable only if such confirmation is required, as configured on the Authentication > Integration > IdP Default URL window.

Normal User input required
Sign Off

idp.logout.success.page.template.html

Displayed when a user successfully signs off in a configuration where the Logout Path field is configured but the Logout Redirect field is not. Normal None
Create Your Account

local.identity.registration.html

Displays a configurable challenge form for two-step authentication.Displayed when a user requests to register for a local account.

Applicable only if the invoked HTML Form Adapter instance is associated with a local identity profile that is configured to support self-service registration.

Normal User input required
Manage Your Profile

local.identity.profile.html

Displayed when an authenticated user accesses the profile management endpoint.

Applicable only if the invoked HTML Form Adapter instance is associated with a local identity profile that is configured to support self-service profile management.

Normal User input required
Email Verification

local.identity.email.verification.sent.html

Displays a notification that an email ownership verification message has been sent when an authenticated user accesses the email ownership verification endpoint.

Applicable only if the invoked HTML Form Adapter instance is associated with a local identity profile that is configured to offer users the opportunity to verify the ownership of the email address associated with the accounts.

Normal None
Email Verified

local.identity.email.verification.success.html

Displays a confirmation that the user has successfully verified the ownership of the email address associated with the account.

Applicable only if the invoked HTML Form Adapter instance is associated with a local identity profile that is configured to offer users the opportunity to verify the ownership of the email address associated with the accounts.

Normal None
Email Verification Error

local.identity.email.verification.error.html

Displays that the user failed to verify the ownership of the email address associated with the account.

Applicable only if the invoked HTML Form Adapter instance is associated with a local identity profile that is configured to offer users the opportunity to verify the ownership of the email address associated with the accounts.

Error User can request another verification email by accessing the email ownership verification endpoint or the profile management page (if enabled). Authentication is required.

Alternatively, the user can contact their IT administrators for further assistance.

Username Recovery

username.recovery.template.html

Displays to prompt the user to enter an email address to recover the username associated with the account.

Applicable only if the invoked HTML Form Adapter instance is configured to support self-service username recovery.

Normal User input required
Username Recovery

username.recovery.info.template.html

Displays to notify the user to retrieve the notification message with the recovered username.

Applicable only if the invoked HTML Form Adapter instance is configured to support self-service username recovery.

Normal User should retrieve the notification message with the recovered username.

Kerberos Adapter

Page title and template file name Purpose Type Action
Error

kerberos.error.template.html

Displays an error page to provide standardized information to the end user when the authentication attempt fails. Error Consult log
(No title)

meta.refresh.template.html

Facilitates the failover mechanism from a Kerberos Adapter instance to the next phase when it is part of a Composite Adapter instance configuration or an authentication policy. Normal None

Single sign-on and logout

Page title and template file name Purpose Type Action
Select Authentication System

sourceid-choose-idp-adapter-form-template.html

Displayed when multiple authentication sources are applicable and no preference is submitted as part of the request. Normal User input required
Sign On Error

idp.sso.error.page.template.html

Displayed when IdP-initiated or adapter-to-adapter SSO fails and no other SSO error landing page is specified. Error Consult log and web developer
Sign Off Successful

idp.slo.success.page.template.html

Displayed when an SLO request succeeds and no other SLO success landing page is specified. Normal None
Sign Off Error

idp.slo.error.page.template.html

Displayed when an SLO request fails and no other SLO error landing page is specified. Error User should close the browser

WS-Federation and OpenID Connect

Page title and template file name Purpose Type Action
Working . . .

sourceid-wsfed-http-post-template.html

Used to auto-submit a WS-Federation assertion to the SP. If JavaScript is disabled, the user is prompted to click a button to POST the assertion directly.

This page is normally not displayed if JavaScript executes properly.

Normal None
Signing off. . .

sourceid-wsfed-idp-signout-cleanup-invisible-template.html

WS-Federation and OIDC client IdP sign-out processing page.

No HTML is rendered in the browser.

Normal None
Sign Off Successful

sourceid-wsfed-idp-signout-cleanup-template.html

Indicates user signed out of the IdP under the WS-Federation protocol and lists each successful SP logout, when applicable.

Also displays when an OIDC client sends a logout request to the /idp/startSLO.ping endpoint to initiate an Asynchronous Front-Channel Logout process.

Normal None