Revision History

IIJ ID Service Manual [For Administrators] Revision History
Revision Date Revision Details
June 26, 2017
  • New document
October 23, 2017

Content updated in accordance with expansion of the following features:

  • Support for synchronization with multi-forest Active Directory
  • Support to synchronize account information with Linux OpenLDAP
  • Addition of ability to customize some notification email messages sent to administrators
  • Addition of ability to issue refresh tokens
January 29, 2018

Content updated in accordance with expansion of the following features:

  • Addition of ability to import information from Azure AD
  • Login policies now provided as standard functionality
  • Updates to the IIJ ID Console login screen
  • Expanded ID synchronization with linked services (Premium Federation Option)
  • Addition of upstream ID provider authentication (Premium Federation Option)
  • Addition of ability to register Web link applications (Premium Federation Option)

April 23, 2018

Content updated in accordance with expansion of/changes to the following features:

  • Additional information that can be registered for users
  • Addition of capability for administrators to reset passwords
  • Addition of email one-time password authentication (Multi-Factor Authentication Option)
  • System specification has been changed to send notification email to users when their accounts are locked
  • System specification has been changed to restrict operation by users/groups with external IDs
August 27, 2018

Content updated in accordance with expansion of/changes to the following features:

  • Addition of the device certificate authentication feature (Multi-Factor Authentication Option)
  • Addition of group setting feature for a user on the user creation/editing screen
  • Groups can now be registered as group members

  • User device information can now be displayed

  • "Last name" and "First name" in user information is now optional instead of required

February 19, 2019

Content updated in accordance with expansion of the following features:

  • Integrated Windows Authentication Option
  • Integrated Windows Authentication Multi-Region Option

September 30, 2019

Content updated in accordance with expansion of/changes to the following features:

  • Addition of the temporary password function
  • Multi-ID provider support
  • Addition of the Application User function to restrict login to applications
  • Addition of the function for the administrator to remove users’ SmartKey authentication information
  • Addition of the function to issue access tokens and refresh tokens for non-SCIM purposes
November 25, 2019

Content updated in accordance with expansion of/changes to the following features:

  • Addition of the function to set password expiry dates for temporary passwords
  • Addition of tenant identification information in job notification emails
  • Addition of the option that enables creation of SAML applications that use system-wide IDPs (Premium Federation Option)
February 25, 2020

Content updated in accordance with the following functions added to the Integrated Windows Authentication Option:

  • Support for multi-forest and multi-domain AD
  • Addition of the function to restrict networks on which SPNEGO authentication is allowed
  • Addition of the function to specify an arbitrary DN when creating an AD administration account
  • Addition of the function to register one multi-region of the IIJ Directory Service for Microsoft as an AD network
November 30, 2020
  • Support of FIDO2 authentication with the Multi-Factor Authentication Option
  • Enhancement of Login Policies in Security Settings
  • Integration of management screens for various pieces of authentication device information (FIDO2 security key, device certificate, and SmartKey authentication information)
  • Support of the initial contract using the domain (on.iijid.jp) IIJ prepares
February 8, 2021

Content updated in accordance with expansion of/changes to the following features:

  • Addition of application-linking ID to user attribute
  • immutableId is also updated now if Azure AD federation is disabled for exporting users to Office 365
May 17, 2021

Content updated in accordance with expansion of/changes to the following features:

  • Expansion of the SAML NAMEID attribute and Attribute attribute

  • Addition of FIDO2 authentication function for administrators
  • Addition of certificate revocation settings by OCSP and CRL for certificate authentication

  • Addition of the filtering function by certificate subject for certificate authentication

  • Addition of display customization (Link of request to disable multi-factor authentication)
  • Addition of Email Customization

November 22, 2021

Content updated in accordance with expansion of/changes to the following features:

  • Addition of the function to specify an assertion signing algorithm to the SAML Application
October 17, 2022

Content updated in accordance with expansion of/changes to the following features:

  • Addition of the function to display warning of password expiration dates
  • Expansion of the range in which variables can be used by the email customization function
  • Addition of the function that notifies that the expiration date of an access token is approaching
  • Changed the title of "Office 365" to "Microsoft 365"
  • Addition of the function that notifies that the expiration date of a provisioning API for the Microsoft 365 Application is approaching
  • Addition of the function to export users to Azure AD with no license
January 16, 2023

Content updated in accordance with expansion of/changes to the following features:

  • Procedures for setting up the Microsoft 365 Application have been changed with discontinuation of the MSOnline PowerShell module
  • Addition of the function on the "Information for User" screen
April 20, 2023
  • Corrected the example configuration of "No.2 Migration from External Authentication Infrastructure"
  • Corrected reference information of "Attributes Exported to Azure AD"
May 10, 2023
  • Corrected contents of "Description of User CSV File"
July 24, 2023
  • Corrected contents of "Adding Security Key Types that Can Be Registered/Authenticated"
August 15, 2023
  • Addition of descriptions to Application User for the use of the Microsoft 365 Application
October 13, 2023
  • Changed the design and document name
October 19, 2023
  • "Windows Server 2012 R2" has been deleted from the environment in which the operation of Integrated Windows Authentication Option had been checked
November 17, 2023
  • Changed link destination addresses
December 5, 2023
  • Correction of incorrect descriptions
January 12, 2024
  • Updated the content of the notification email address in "Editing Users"
  • Added notes to "Email One-time Password Authentication"
February 28, 2024
  • Corrected incorrect descriptions in the body of "Emails Sent from the IIJ ID Service"
  • Updated the content in accordance with the change of the login screen
May 21, 2024
  • Added the "Getting ID Provider Information" page
July 4, 2024
  • Correction of incorrect descriptions
October 18, 2024
  • Added reference information to "Service Has Been Registered"
  • Added reference information to "Configuring Graph API Settings"
  • Made some minor alterations to descriptions
December 19, 2024
  • Added "Inquiry Format"
February 27, 2025
  • Added descriptions about SCIM
  • Corrected "Inquiry Format"
April 17, 2025
  • Added descriptions about User ID
  • Added the number of external services that can be initially registered
  • Added descriptions about "externalUserName" for Integrated Windows Authentication
June 16, 2025
  • Added the "Format for Requesting for Desired Operations" page
  • Made some minor alterations to descriptions
June 26, 2025
  • Added descriptions to the "Format for Requesting for Desired Operations" page
July 22, 2025
  • Added descriptions about Redirect URLs for the OpenID Connect application
  • Added descriptions to "Format for Requesting for Desired Operations"
August 6, 2025
  • Added descriptions to the "Format for Requesting for Desired Operations" page
January 7, 2026
  • Added descriptions to "Registering Active Directory" of the Integrated Windows Authentication Option
February 2, 2026
  • Added descriptions to Restrictions
March 23, 2026
  • Corrected "Email Customization"
  • Added descriptions to and corrected "Changing Application Login Permissions"
April 21, 2026
  • Correction of incorrect descriptions