Logging into OpenRMF^® Professional

When you Log into OpenRMF^® Professional you are required to have a way to login and use the application. If your application administrator has enabled “registration” for new users you can register by clicking the Register link. Otherwise you must have a login and password or equivalent access to log in and use the application.

Your Login Token

When you log in to OpenRMF^® Professional, you receive a JSON Web Token (JWT) that contains a hashed list of information that includes roles, groups, username, user Id, and other pertinent information. This token is used and matched against all API requests and validated by the login server on every single call on the frontend and backend of the application.

The tokens are set to expire by default after 5 minutes of inactivity. When you interact with the application that timeframe is reset. All logins in the application are set to automatically log off after 15 minutes with a warning dialog showing before the application will automatically log you out.

Your login is setup by your application admininstrator and can be the default login/password combination, a Common Access Card (CAC) or Personal Identity Verification (PIV) card, Windows Active Directory, Secure LDAP, OIDC, or a SAML 2.0 Identity Provider such as Okta or even GitHub.

Roles and Groups

All roles and groups are carried with your login and refresh as you use the application dynamically. This information is detailed in the Security and Roles Help Area.

---