Configuration
Configure and customize your Phocas site's general, connection, and SSO settings.
Last updated
Was this helpful?
Configure and customize your Phocas site's general, connection, and SSO settings.
Last updated
Was this helpful?
The Configuration page contains several settings organized into three tabs. Ensure you click Save to apply your changes to the settings on this page.
On the General tab, you can set your password policy, date format, language, and more.
If your site uses Phocas authentication (default), users and passwords are stored in the Phocas system and you can set a site-wide password policy that includes automatic expiry, length, character requirements, and so on.
This is the web address where users connect to your site. When users are first added to Phocas, they receive this URL in an email. In some older versions of Phocas, this setting might say External URL.
This is the language used by default throughout your site. If this setting is left blank, the user's location or their own language setting applies. The default language determines the default date format used throughout your site.
The Text Widgets - Enable HTML Content (potentially unsafe) setting controls whether or not text widgets are allowed on your site. By default, the checkbox isn’t selected, which means that text widgets aren’t allowed. Selecting the checkbox will allow users to add potentially unsafe HTML content to a dashboard via a text widget, which might make your site vulnerable.
You can add a marketing panel to the Phocas sign-in screen, in the form of a small linked image which redirects the user to another web page. This is sometimes used by Phocas to provide training information and notice of upcoming events to users.
Marketing panel image URL: The full path name of the image to be displayed. It is recommended that these are 450 x 120 PX and in the PNG format.
Marketing panel target URL: The web address to redirect to if the panel is clicked.
The Send health check setting controls whether or not a health check report is sent to Phocas. By default, the checkbox is selected, meaning the report is sent. Clear the checkbox if you don't want to send the reports.
Applicable to the CRM module, these settings add links in CRM entity pages that provide shortcuts to either a Query database and/or a dashboard with that entity focused. For example, open the Sales database with XYZ customer selected.
On the Connections tab, you can configure and test the LDAP and SMTP settings.
Phocas authentication is the default security model, with users and passwords stored in the Phocas system. However, you can configure LDAP (Lightweight Directory Access Protocol) authentication as the user authentication mechanism. This method only authenticates a user's username and password; permissions are stored in Phocas.
You can configure the Simple Mail Transfer Protocol (SMTP) settings to enable Phocas to send emails, thus allowing users to subscribe to a favorite and export data to an email.
On the Single sign-on (SS0) tab, you can set up SSO for your Phocas site. The SSO feature uses a trusted third-party identity provider (IdP) to allow users to sign in to Phocas with the same credentials they use for other applications, such as Microsoft Entra ID and OKTA. SSO uses a standard web protocol known as Security Assertion Markup Language (SAML), which securely passes a user’s identity from one place (IdP) to another (Phocas) via encrypted, digitally signed, XML certificates.
When you allow SSO for your Phocas site, users will see a Sign in… button on the Phocas Sign in screen, allowing them to sign in via the IdP. If you select the enhanced SAML security setting in your SSO configuration, users will only be able to sign in with the IdP.
When users sign in using SSO, if they're already authenticated with your IdP, they're taken straight into Phocas. If they are not yet authenticated, they're taken to a second sign in screen, where they enter their credentials for the IdP.
When users finish their session in Phocas, they need to sign out of Phocas in the usual way, even if they have signed out of other applications that use the IdP. Without signing out, the duration of a session will depend on your IdP and other factors, such as how often the users clear cookies.
Failed sign in attempts: The number of times a user can try to sign in to Phocas before they are locked out of their account. By default, this is two attempts. If this setting is left blank or set to 0, there’ll be no limit to the number of times a user can try to sign in. LDAP accounts are not subject to lockout. See how to .
See for information on managing user passwords;
This is the email address of the Phocas administrator for your site. On sites without the functionality, this email address is provided so users can contact the Phocas administrator.
The language selected by each individual user on their page overrides both the global default and browser settings.
This is your Google Maps geocoding API key, which is required for .
See a of the LDAP URL (this link will take you to an external site).
See a of the LDAP URL (this link will take you to an external site).
While Phocas doesn’t natively support multi-factor authentication (MFA), if you’re looking for that level of security, use SSO for your Phocas site. You can either give users the option of signing in with their IdP credentials or make it mandatory for them to do so (see the ).
If you're using Microsoft Entra ID as your IdP provider, go to the page. Otherwise, go to (generic IdP).