Setting HES server parameters

Hideez Enterprise Server – Setting HES Server parameters
To work correctly, you need to specify some basic settings. 
Go to Settings -> Parameters. 
Licensing
Click the button Set License Settings.

Fill in and save the API Key, you have to get it at the stage of setting up the server. Ask us if you have ordered a pilot and don't know your API key.
After saving, the API Key is not displayed in the settings in open form. To view it, click the Show button.
Also here you can import your licenses from HLS by clicking on Import licenses button.
You can import licenses via API key or using a file. Please, ask us if you need to get your licenses file.
Active Directory
Active Directory on premises
These parameters must be specified if you will use HES scenarios for working with AD.
Import and sync users from Active Directory
Import and sync users from Active Directory with domain password changing​
Click the button Add Domain Settings.
Fill in and save the following parameters (domain on premises):
Domain Name: enter your Active Directory domain. This is necessary to import users from previously created groups in AD.
User Logon Name: AD administrator's login with permissions to get users and groups from the AD and change user's passwords.
Password: AD administrator's password with permissions to get users and groups from the AD and change user's passwords.
Auto Password Change (days): number of days after which it is necessary to change the password from the domain account to users from the Security Key Auto Password Change group.
Azure AD
To connect the Azure AD with the HES, please, first, set the Azure AD application:
Login to the Azure portal​
Go to the Azure Active Directory > App registrations
Add new app
Go to app overview and copy Application (client) ID, Directory (tenant) ID
In app go to the Certificates & secrets > New client secret and then add and copy Client Secret
​
​
In app go to the API permissions > Add a permission > Microsoft Graph. Click Application permissions, then select the Directory > Directory.Read.All permission
Click Grant admin consent
Fill in and save the following parameters on HES (Azure AD):
Application ID: enter your Azure AD application id.
Client secret: enter your Azure AD client secret.
Tenant ID: enter your Azure AD tenant id.
Auto Password Change (days): number of days after which it is necessary to change the password from the domain account to users from the Security Key Auto Password Change group.
After saving the data, login parameters are not displayed in the settings.
 If you use Linux and need the AD integration, join your Linux server to the AD​
Be aware! As soon as you remove the AD administrator login and password from the settings, all AD sync scenarios will stop working.
With this instruction, you can add on server several domains at the same time. Each domain is managed separately.
Splunk
Also you can set here Splunk settings.
FIDO2
If the "Allow Platform Authenticators" feature is enabled, you can choose the type of security key you are enrolling for the user (by default it is cross-platform):
So the list of the user's FIDO keys will look like this:
SAML
More about SAML configuration you can read here.
OIDC
The Openid connect clients (OIDC) parameters can be set at the OIDC section.
Appearance
In this section, you can customize logos and email for the server.