Identity, Authentication, and User Management Updates - EPC - WebApp Manual - 15.4

Technischer Support
Haftungsausschluss
FAQs
1.0 Unternehmen Prozess Center
- 1.1 Prozessansicht
- 1.2 Kollaborative Umgebung
- 1.3 Benutzerkategorien
- 1.4 BPMN 2.0
- 1.5 Steuerung
- 1.6 Leistung
2.0 EPC 11.3 Neue Funktionen und Merkmale
- What’s New in EPC 15.4
- Feature Improvements
- Fixed Issues
- 15.4.1 Service Pack
- 15.4.2 Service Pack
3.0 Die Web-applikation
- 3.1 Was ist die Web-Applikation?
- 3.2 Was kann ich in der EPC Web-Applikation tun?
- 3.3 Was ist RASCI-VS?
4.0 Navigieren durch die Web App
- 4.1 Logging In
- 4.2 Home & My Dashboard
- 4.3 Allgemeine Navigieren
- 4.4 Prozess
- 4.5 Leistung
- 4.6 Organisation
- 4.7 Dokumente
- 4.8 Risiko
- 4.9 Steuerung
- 4.10 Regel
- 4.11 Stammdaten
- 4.12 Zusammenarbeit
- 4.13 Governance
- 4.14 Apps-Menü
- 4.15 Glossary
- 4.16 To Do
  - 4.16.1 Module Overview
  - 4.16.2 List
    - 4.16.2.1 Sorting
    - 4.16.2.2 Filtering
- 4.17 Capability
5.0 Suche
6.0 Benachrichtigungen
- 6.1 Benachrichtigungsorganisation
- 6.2 Browser-Benachrichtigungen aktivieren/deaktivieren
  - 6.2.1 Chrome-Benachrichtigungen
  - 6.2.2 Firefox-Benachrichtigungen
- 6.3 Reminders
7.0 Genehmigungen & Bestätigungen
- 7.1 Genehmigungszyklus
- 7.2 Bestätigung
  - 7.2.1 Mass Confirmation
- 7.3 Endorsement Cycle
- 7.4 Training
- 7.5 Review Cycle
- 7.6 Attestation
8.0 Mein Profil
- 8.1 Allgemeines
  - 8.1.1 Benutzerprofilbild
- 8.2 Einstellungen
  - 8.2.1 Umgebung
  - 8.2.2 Angezeigter Inhalt
- 8.3 Sprache
- 8.4 Einstellung der Motivfarbe
- 8.5 Berechtigungen
- 8.6 Default Font Color
- 8.7 Signature
  - 8.7.1 Add Signature
  - 8.7.2 Remove Signature
- 8.8 Task Delegation
9.0 Umgebungs-Administration
- 9.1 Umgebungseinstellungen
- 9.2 Umgebungsvorgaben
10.0 Systemverwaltung
- 10.1 Allgemeines
- 10.2 Umgebunga
- 10.3 Benutzer
- 10.4 Gruppen
- 10.5 Suche
- 10.6 Lokalisierung
- 10.7 Risiko
- 10.8 Attribute
- 10.9 Fortgeschrittene
  - 10.9.1 Einstellungen bearbeiten
- 10.12 Startseite Widgets
- 10.11 Diagram Tab – Adding Custom Flow Object Shape
- 10.12 Mobile App
11.0 Symbole und Glossar
- 11.1 Symbole
- 11.2 Glossar (Schlüsselbegriffe)
12.0 Bearbeiten in der Web App
- 12.1 Allgemeine Bearbeitung
- 12.2 Prozessbearbeitung
- 12.3 Leistungsbearbeitung
- 12.4 Organisationsbearbeitung
- 12.5 Bearbeiten von Dokumenten
- 12.6 Risikobearbeitung
- 12.7 Kontrolle Bearbeiten
- 12.8 Regel bearbeiten
- 12.9 Stammdatenbearbeitung
- 12.10 Bearbeitung der Zusammenarbeit
  - 12.10.1 Verbesserungswünsche umsetzen
- 12.11 Governance Bearbeitung
- 12.12 Glossary Edit
- 12.13 Capability Edit
13.0 AI Capabilities
- 13.1 AI Document Content Mining Parser
- 13.2 AI-Powered Content Generation & Improvement
- 13.3 AI Chat Assistant
- 13.4 AI Mass Impact Recommendations
- 13.5 AI Content Parsing in EPC
14.0 Middleware Bi-Directional Integration Sync Manager
- 14.1 Atlassian Jira Two-way Integration
  - 14.1.1 Creating a Jira Epic and Story From EPC
- 14.2 Essential Projects Two-way Integration
  - 14.2.1 Creating an EA Solution From EPC
- 14.3 Jira Webhook API
- 14.4 Microsoft 365 OneDrive & Microsoft Teams Integration
15.0 EPC REST APIs
- 15.1 Getting Started
  - 15.1.1 Authentication and Token Management
  - 15.1.2 Basic Examples
- 15.2 Use Cases & Examples
- 15.3 API Reference (Swagger)
16.0 Tutorial for EPC
- 16.1 Getting Started
- 16.2 Build a Business Process
- 16.3 Create Inter-Process Links
- 16.4 Create Inputs and Outputs
- 16.5 Publish the Process
- 16.6 Import User & Assign Resource to Role
- 16.7 Approval Cycle
- 16.8 Upload a Document and Assign to Process
17.0 EPC Data Dictionary, ERD & Cognos Reports List
18.0 EPC Mobile App
- 18.1 Getting Started in EPC Mobile: Download & Log In
- 18.2 Navigating EPC Mobile
- 18.3 Offline Mode
19.0 Keycloak Server Administration Guide
- Creating the First Administrator
- Configuring realms
- Using External Storage
- Managing Users
- Managing User Sessions
- Assigning Permissions Using Roles and Groups
- Configuring Authentication
- Integrating Identity Providers
- SSO Protocols
- Managing Access to Realm Resources
- Managing Organizations
- Managing Workflows
- Managing OpenID Connect and SAML Clients
- Configuring Keycloak as a Verifiable Credential Issuer
- Using a vault to obtain secrets
- Configuring auditing to track events
- Mitigating security threats
- Account Console
- Admin CLI

EPC 15.4 introduces major improvements to security, authentication, and user management through enhancements to the SSO Identity Provider (IdP) broker and Local User Management components. These changes affect authentication configuration and user administration.

SSO (Single Sign-On) Users

Action Required: SSO must be reconfigured during the upgrade.

Existing SSO configurations must be updated to align with the new authentication framework.
This is a one-time step to ensure secure access.
No impact to end users: application functionality, UI behavior, and workflows remain unchanged.

Local User Management

New Interface & Enhanced Security:

Redesigned centralized user management UI.
Stronger password policies with configurable expiration rules.
Enhanced security controls aligned with modern authentication standards.
Additional self-service features (e.g., “Forgot Password”).
Improved account protection and administrative enforcement.

These enhancements improve security, usability, and administrative control without affecting existing user access or workflows.

Key Benefits

Centralized SSO & MFA:

Single sign-on for multiple applications (EPC, QMS, DBP, admin tools).
Unified MFA policy across applications, reducing per-app MFA setups.

Standards-Based Integration:

OpenID Connect support added (in addition to existing SAML).
Eliminates need for custom MFA code per app.
Flexible MFA enforcement by user group/role, application, network/location, or risk level.
Supports common MFA methods: TOTP authenticator apps, WebAuthn/FIDO2, and more.

Improved Account & Lifecycle Management:

Central user management, password policies, account lockout, session and device controls.
Easier auditing of authentication events.
Compatible with “bring your own IdP” (Azure AD, Okta, etc.) while enforcing additional local MFA if needed.

Long-Term Roadmap Benefits:

User, group, and role synchronization on demand (not just on login).
Decoupled system administrator vs. application/content administrator environments.

Multi-Stage Hybrid Serial & Parallel Approval Workflows

Boost Document Control with Status Watermarks & Serial Number QR Codes

Haben Sie noch weitere Fragen?
Visit the Support Portal