38.7 Access settings

Access settings

Setting

Description

Self registration account user role

Defines which user role should be given to self-registered user accounts.

To enable self-registration of users: select any user role from the list. A link to the self-registration form will be displayed on the login page.

Note

To enable self-registration, you must also select a Self registration account organisation unit .

To disable self-registration of users: select Disable self registration .

Self registration account organisation unit

Defines which organisation unit should be associated with self-registered users.

Note

To enable self-registration, you must also select a Self registration account user role .

Do not require reCAPTCHA for self registration

Defines whether you want to use reCAPTCHA for user self-registration. This is enabled by default.

Enable user account recovery

Defines whether users can restore their own passwords.

When this setting is enabled, a link to the account recovery form will be displayed on the front page.

Note

User account recovery requires that you have configured email settings (SMTP).

Lock user account temporarily after multiple failed login attempts

Defines whether the system should lock user accounts after five successive failed login attempts over a timespan of 15 minutes.

The account will be locked for 15 minutes, then the user can attempt to log in again.

Allow users to grant own user roles

Defines whether users can grant user roles which they have themselves to others when creating new users.

Allow assigning object to related objects during add or update

Defines whether users should be allowed to assign an object to a related object when they create or edit metadata objects.

You can allow users to assign an organisation unit to data sets and organisation unit group sets when creating or editing the organisation unit.

Require user account password change

Defines whether users should be forced to change their passwords every 3, 6 or 12 months.

If you don’t want to force users to change password, select Never .

Enable password expiry alerts When set, users will receive a notification when their password is about to expire.

Minimum characters in password

Defines the minimum number of characters users must have in their passwords.

You can select 8 (default), 10, 12 or 14.

OpenID provider

Defines the OpenID provider.

OpenID provider label

Defines the label to display for the specified OpenID provider.

CORS whitelist

Whitelists a set of URLs which can access the DHIS2 API from another domain. Each URL should be entered on separate lines. Cross-origin resource sharing (CORS) is a mechanism that allows restricted resources (e.g. javascript files) on a web page to be requested from another domain outside the domain from which the first resource was served.

Mapzen search API key

Defines the API key for the Mapzen API. This API is used to search addresses globally within DHIS 2.

Google Maps API key

Defines the API key for the Google Maps API. This is used to display maps within DHIS2.