Overview page

The Overview page provides a centralized, actionable view of the entity security health. It combines navigation shortcuts, configuration compliance indicators, and user activity insights. Administrators can use this page to quickly identify risks, validate best practice adoption, and prioritize remediation efforts.

The Overview page has three primary sections:

  • Most commonly visited pages
  • User summary
  • Security scorecard

Security roles

The Overview page is accessible only to users assigned at least one of these roles:

  • Infor System Administrators
  • IFS-ExternalEntityAdmin
  • EEU-IFS-Self-Management-Admin (limited access)

Most commonly visited pages

The Most commonly visited pages section highlights frequently accessed pages to provide quick navigation shortcuts for administrators:

  • External Entity Configuration
    Note: Only users with the Infor System Administrator role or the IFS-ExternalEntityAdmin role, or both, have access to this page.
  • Users
  • Security Roles
  • Federated Security
  • Infor Cloud Identities

External Entity scorecard

The External Entity scorecard enables administrators to quickly identify security risks and compliance gaps within the entity. Each scorecard item is evaluated independently. There is no weighted or cumulative score. The # Security risks detected message is updated in real-time as changes are made.

Each scorecard item is represented by one of these indicators:

  • Green check: Configuration is compliant with recommended security best practices.
  • Red exclamation mark: Configuration is considered a security risk and should be reviewed and updated.

The User Access tile evaluates authentication, access control, and identity related configurations.

These conditions can affect the status of the items in the User Access tile:

  • Restricted access to Infor Cloud Identities:
    • In compliance (green): Disabled Enable access using Infor Cloud Identities or enabled Enable access using Infor Cloud Identities and enabled For a sub-set of users (select users and /or master data types in below tabs) and Users or Master Data Types assigned.
    • Security risk (red): Enabled Enable access using Infor Cloud Identities and enabled For all users in Infor Cloud Identities - Configuration page.
    Note: This condition is displayed for users with all three security roles.
  • Passkey authentication enablement for Infor Cloud Identities:
    • In compliance (green): Enabled Passkey in Sign In Providers tab or Disabled ‘Enable access using Infor Cloud Identities’.
    • Security risk (red): Disabled Passkey in Sign in Providers tab when 'Enable access using Infor Cloud Identities' is enabled.
    Note: This condition is displayed for users with the Infor System Administrator role or the IFS-ExternalEntityAdmin role, or both.
  • Password policies configurations for Infor Cloud Identities:
    • In compliance (green): Disabled Enable access using Infor Cloud Identities or enabled Enable access using Infor Cloud Identities and all of these are true:
      • Password will expire every 30-360 days.
      • Prohibit Password Reset 1-24 hours.
      • Disable inactive accounts after 30-365 days.
      • Enabled Password cannot contain 3 or more consecutive characters (Ex: abc, 123).
      • Enabled Password cannot contain 3 or more consecutive repeating characters (Ex: aaa, 111).
      • Enabled Password cannot contain the following user attributes.
      • Enabled Enforce custom forbidden password list.
    • Security risk (red): Enabled Enable access using Infor Cloud Identities and at least one of these:
      • Password will expire every 0 days.
      • Prohibit Password Reset 0 hours.
      • Disable inactive accounts after 0 days.
      • Disabled Password cannot contain 3 or more consecutive characters (Ex: abc, 123).
      • Disabled Password cannot contain 3 or more consecutive repeating characters (Ex: aaa, 111).
      • Disabled Password cannot contain the following user attributes.
      • Disabled Enforce custom forbidden password list.
    Note: This condition is displayed for users with the Infor System Administrator role or the IFS-ExternalEntityAdmin role, or both.
  • Multi-factor authentication (MFA) enablement:
    • In compliance (green): Enabled Enable MFA.
    • Security risk (red): Disabled Enable MFA.
    Note: This condition is displayed for users with the Infor System Administrator role or the IFS-ExternalEntityAdmin role, or both.
  • External identity provider (IdP) configuration:
    • In compliance (green): Either Federated Security or the OpenID Connect should be created and configured in the entity.
    • Security risk (red): No IdPs configured under Federated Security.
    Note: This condition is displayed for users with all three security roles.
  • Service provider certificate expiration:
    • In compliance (green): No service provider certificate is set to expire in 30 days or less.
    • Security risk (red): Service provider certificate is set to expire in 30 days or less.
    Note: This condition is displayed for users with all three security roles.
  • Restricted domain access:
    • In compliance (green): At least one domain is configured as a blocked domain or at least one domain is configured as an allowed domain.
    • Security risk (red): No domains are configured under Domain Security.
    Note: This condition is displayed for users with the Infor System Administrator role or the IFS-ExternalEntityAdmin role, or both.
  • Social providers configuration:
    • In compliance (green): One or more social providers have been enabled in the Sign In Providers tab.
    • Security risk (red): No social providers have been enabled in the Sign In Providers tab.
    Note: This condition is displayed for users with the Infor System Administrator role or the IFS-ExternalEntityAdmin role, or both.

These conditions can affect the status of the items in the Security Configurations tile:

  • Active users and no login history:
    • In compliance (green): No active users who have never logged in.
    • Security risk (red): At least one active user who has never logged in.
    Note: This condition is displayed for users with all three security roles.
  • Session timeout and concurrent session limits recommended thresholds:
    • In compliance (green): Idle Session Time-out is 60 minutes or less and disabled Enable 16 Hour Session and enabled Enable Concurrent Session Limitation and Number of concurrent sessions allowed is 1-3.
    • Security risk (red): Idle Session Time-out is more than 60 minutes and/or enabled Enable 16 Hour Session and/or disabled Enable Concurrent Session Limitation and/or Number of concurrent sessions allowed is 4 or 5.
    Note: This condition is displayed for users with all three security roles.
  • Security access profiles configuration:
    • In compliance (green): Allowed Login hours/IP address should be set in the external entity.
    • Security risk (red): Allowed Login hours/IP address are not set in the external entity.
    Note: This condition is displayed for users with the Infor System Administrator role or the IFS-ExternalEntityAdmin role, or both.
  • User limits for external entities definition:
    • In compliance (green): Maximum number of external users is a non-zero value.
    • Security risk (red): Maximum number of external users is 0 (unlimited).
    Note: This condition is displayed for users with the Infor System Administrator role or the IFS-ExternalEntityAdmin role, or both.
  • User verification enablement:
    • In compliance (green): Enabled Enable user verification.
    • Security risk (red): Disabled Enable user verification.
    Note: This condition is displayed for users with the Infor System Administrator role or the IFS-ExternalEntityAdmin role, or both.

User Summary

The User Summary section provides an aggregated view of user status counts within the external entity to help administrators monitor account life cycle and activity trends.

  • Total users: active users, inactive users (disabled)
  • Active users
  • Inactive users (disabled)
  • Users never logged in