Quasr
  • Introduction
    • Welcome to Quasr
    • Concepts
      • Flexible Authentication
      • User-Centric Privacy
      • Modern Development
    • Terminology
    • FAQs
  • Getting Started
    • Sign up with Quasr
    • Setup your tenant
      • Factor Configuration
      • Enrolling additional factors
      • Test with the Sample Client
      • Understanding Scopes & Scores
      • Setting up an API Client (M2M)
    • Connect your app
      • Hosted Login UI
      • Custom Login UI
      • Embedded Login UI
  • Account Administration
    • Introduction
    • Account & Billing
      • Metrics
    • Tenants
    • Usage & Statistics
    • Security
  • Tenant Administration
    • Introduction
    • Dashboard
    • Tenant Settings
    • Your Security
    • Accounts
      • Tenant Admins
    • Factors
      • Factors and Scoring
      • Username (ID)
      • Federation (OAuth2 / OIDC)
        • Apple
        • Facebook
        • GitHub
        • Google
        • LinkedIn
        • Slack
      • Time-based One-time Password (TOTP)
      • One-Time Password (OTP)
      • Password
      • Secret
    • Controls
      • Configuration
      • Permissions
      • Consents
      • Rules
    • Attributes
      • Capturing Claims
      • Sourcing Claims
      • Viewing Claims
      • Searching Claims / Users
      • Sharing Claims
    • Extensions
      • Synchronous
      • Asynchronous
    • Tokens
      • Session Token (OAuth 2.0)
      • Access Token (OAuth 2.0)
      • Refresh Token (OAuth 2.0)
      • ID Token (OIDC 1.0)
      • Consent Token
      • Authorization Code (OAuth 2.0)
    • Hosted Login Page
    • APIs
      • Authentication API
      • Management API (GraphQL)
  • Legal
    • Terms of Service
    • Acceptable Use Policy
    • DPA & Subprocessors
  • More Info
    • Standards
    • Security
      • Vulnerability Disclosure
      • Wall of Recognition
    • Support
    • Status
Powered by GitBook
On this page
  1. Tenant Administration
  2. Controls

Configuration

PreviousControlsNextPermissions

Last updated 1 year ago

Controls offer following configuration options:

  • You can set a label to describe the control to users.

  • You must set the value which resembles the following depending on the (sub)type. For legals this should either be the legal text itself (if limited) or an URL pointing to the text (recommended); for scopes this must be the scope value (OAuth 2.0).

  • You must set the minimum score required in order to obtain or grant the control. Hence controls that provide more sensitive access can have a higher score, so more authentication factors will need to be passed.

Control requiredness is now configured through rules on clients.

The following options are only available for scopes:

  • You can choose whether a consent is required when an account wants to grant it to a client. In general you want consent to be given, but sometimes certain scopes are implied and would not require explicit consent. In case you don't like to use consent management you can use this flag to disable consent.

  • You can choose whether a permission is required in order for an account to use it. If you like to provide everyone access to a control you can uncheck this option, so no individual permissions have to be provided. For example admin scopes will usually require permission.

Legal controls are automatically configured as following:

  • consent is required

  • permission is not required

Control settings in the Tenant Admin UI