Journey Workspaces FAQ - Logging in

  WorkspacesThis topic relates to Journey Workspaces   |     Platform Developer   |  18.11This feature was introduced in the 18.11 release21.11This feature was updated in the 21.11 release

Note

Some of the text and images below may not match what you see in your Journey Workspaces app. This is because the features described are based on a default Journey Workspaces configuration, and your Workspaces app may be configured differently; for example, with your company's branding, with fields for other information, or with a custom layout. Nevertheless, the features described work the same way in every Workspaces app.

This issue was fixed in Workspaces 19.11.

This issue affected Workspaces 19.05 and earlier.

This issue was fixed in Workspaces 18.11.4.

This issue affected Workspaces 18.11 and earlier.

No. Journey Manager allows only one active Workspaces session for each user. If you try to login to Workspaces on multiple web browsers or browser tabs, only the first login attempt will be successful. The second and subsequent simultaneous login attempts to the same Workspaces portal will report an HTTP 403 Forbidden status code.

No. As mentioned in the previous FAQ, a user can't be logged in to Workspaces on multiple web browsers or browser tabs simultaneously. This restriction also applies when using multiple Workspaces portals.

For example, if you have white-label brands with a separate Workspaces portal for each brand, you need to log out of Workspaces and login again each time you want to use Workspaces for a different brand on the same web browser. Alternatively, you can use a different web browser for each Workspaces portal; for example, login to one Workspaces portal on Google Chrome and another on Mozilla Firefox.

There are several reasons why you may encounter an HTTP 403 Forbidden status code when logging in to Workspaces. Some common scenarios are listed below.

If none of these match your circumstances, try searching the Q&A forum. If you don't find what you're looking for, you can ask a question there. Alternatively, contact your Temenos Client Services representative for assistance.

After upgrading a TJM 21.05 or earlier environment to TJM 21.11 or later, you may be presented with an HTTP 403 Forbidden status code when you attempt to access Workspaces. This may be due to a CSRF token implementation. To learn more about this issue including how to address it, see CSRF token issue.

If you encounter an HTTP 403 Forbidden status code when logging in to Workspaces, it could be related to an SSO setup using SAML-based authentication.

Unlike OAuth-based requests, a SAML authentication request does a POST on the Workspaces form URL which is configured in the Journey Manager console via the Work Spaces form space. Any POST request on Workspaces is redirected to secure/index.htm which needs to be configured with the Workspaces application URL.

To address this issue, ensure that secure/index.htm in the Work Spaces form space is configured to open your Workspaces form. Follow these steps.

  1. In Journey Manager, select Forms > Form Spaces. The list of available form spaces is displayed.
  2. In the list of form spaces, click Work Spaces, and switch to the Pages tab.
  3. In the list of pages, click Index Secure, and select the Portal Page tab.
  4. Ensure the code in the Page Content box is configured to open your Workspaces page; something like this:
    <html>
        <head>
            <meta http-equiv="Refresh" content="0;URL=/workspaces/app/FORM_CODE/FORM_VERSION" />
        </head>
    </html>

    If you make any changes, click Save.

  5. Click Close.
NOTE

If the Work Spaces form space property CSRF Protection is enabled (which it is by default), a CSRF token is generated on initial authentication with the security manager, and any subsequent POST requests on the Workspaces application need to pass this CSRF token in the request header. However, if you're unable to retrieve the CSRF token to include it in the subsequent POST requests and it's deemed secure for your environment to not send it, you can disable CSRF Protection for the Work Spaces form space.

If you modify the CSRF Protection property, you must restart the portal for the change to take effect.