Using the Management Portal
The Keyfactor Command Management Portal is a web-based application that you can open in any supported browser. The default URL for the Management Portal is (where KEYFACTOR_SERVER_FQDN is the FQDN of your Keyfactor Command administration server):
If your environment uses OAuth as an identity provider and has more than one identity provider, you can specify the identity provider to use for authentication in the URL using an identity provider hint (where IDP_NAME is the authentication scheme of the selected identity provider):
You only need to specify the identity provider for identity providers that have not been configured as the default identity provider.
In addition to the main URL, the pages in the Management Portal are available via deep link. To find the deep link for a page, just visit the page in your browser and copy the URL from the browser’s URL line. For example, the deep link URL directly to the certificate search page in the Management Portal is available at:
You can change the number at the end of this deep link to direct the deep link to a specific saved collection The certificate search function allows you to query the Keyfactor Command database for certificates from any available source based on any criteria of the certificates and save the results as a collection that will be availble in other places in the Management Portal (e.g. expiration alerts and certain reports). instead of the main search. You can find the collection number by browsing to the collection and viewing the URL in your browser. You can also build links to specific searches, rather than saved collections. For more information, see Certificate Search and Collections.
The IdP link and the deep link may be stacked, so that you may specify both a deep link and a specific identity provider like so:
The following is some information to help you understand and use the Management Portal successfully.

-
When trying to log into Keyfactor Command with a disabled identity provider, users will be redirected to an error page that clearly explains the authentication issue.
-
If the user is previously authenticated with a currently disabled identity provider (i.e. authenticated before the Identity Provider was disabled):
-
Upon will be redirected to authentication issue error page, where the user will be able to logout of their session. The logout button will only show in the Management Portal header for authenticated users.
-
Also, the user will be redirected back to the same authentication issue error page after logout.
-
Logging Out
The Logout button is at the top right of the Management Portal header on all webpages. The functionality of logout button is as follows:
-
If a user logged in through Active Directory, clicking the logout button will log the user out and bring them to Active Directory log out page.
-
If a user logged in through OAuth, clicking the logout button will log the user out and bring user to the IDP log in page for the IDP the user used to log in.
Navigating Keyfactor Command Grids
The grid includes the following features:
- Action buttons are used to perform actions on the data in the rows displayed in the grid. Some buttons are grayed out until you click on a grid row, or if that action is unavailable for the selected row. Which action buttons are displayed will depend on the function of the page.
Note: On some grids the actions are also available from the context menu, which is accessible by right-clicking on the selected row.
- The Total in the upper right of the grid will be updated each time you refresh the grid.
- The Refresh button will poll the Keyfactor Command database and update the grid with the results of the current page query and update the Total.
- To change a column width, click, hold and drag the line separating two column headers (to the right of the column you want to change).
- To rearrange columns, click on the header of the column you want to move and hold and drag the column to your selected location.
- To change the sort order of the grid, click on the header of the column you wish to sort by. The first time you click, the grid will be sorted in ascending order by the selected column. Click the column header again to reverse the sort order. When a column is sorted, a purple caret will appear at the end of the column name showing the direction of the sort. Lack of a caret indicates the grid is sorted by the default column and order. On some grids only select columns are sortable.
- Click anywhere on the row, or on the tick box in the far left column of a grid row, to select that row. You may select multiple rows by utilizing the standard Windows selection functions of CRTL/Select and SHIFT/Select to select multiple rows at once. Selected rows will be highlighted purple. You may then perform actions on the selected row(s) depending on the functionality of the grid by right-clicking and selecting an action (if available) or selecting an action from the action buttons at the top of the grid. Tick boxes are found only on grids that support actions on multiple rows at once.
- Information in a grid field can be copied to the clipboard by highlighting text in a grid field and clicking Ctrl+C.
- Hovering over a row will change the row green to show which row the cursor is focused on.
- To open up the details pop-up for a row, or a search page, depending on the functionality of the screen, double click on a row, or select the row and then select an action button from the grid header or the context menu item, if available, by right-clicking.
-
Grids use scroll bars to display grids with large quantities of data.
- Grid pages will re-size with the window size.
Figure 4: Using the Management Portal Grids
Validating Data Types
In data entry dialogs, fields in which the user is expected to enter certain data types will validate the user input against the expected data type and produce an error if the data entered is not valid. Fields that typically have validation include:
- email addresses (string fields)
- integers
- strings (alpha-numeric)
Further to this, regular expressions are supported on select entry fields for enrollment Certificate enrollment refers to the process by which a user requests a digital certificate. The user must submit the request to a certificate authority (CA). (see Certificate Template Operations).
Pop-up Dialogs
- When the cursor is focused on a field, the outline of the field will turn purple.
- Active/ available buttons will be bright purple. Inactive/ unavailable buttons will be faded to light purple. When data entered into the panes changes the conditions, the buttons may change between bright and light purple (active/inactive).
- At the bottom of most pop-up dialogs are the Save and Cancel buttons, and possibly other actions that can be performed on the data, depending on the purpose of the pane.
- The X in the top right corner is the close option which works like the cancel button.
- Many pop-up panes will have multiple tabs. The tab in which the cursor is focused will be underlined in purple. When you point the cursor at another tab, it will temporarily change the underlining to purple until you click into the tab.
Under Construction Icon
The under construction icon will display when an action of a transaction is in process.
Figure 5: Under Construction Icon
Confirmation Message
Messages appear at the bottom of the screen during processing at times. For example, an operation successful message will appear at the bottom of the screen when a selected action on a transaction is successful.
Figure 6: Confirmation Message