Modify Notification Templates

After activating and selecting notifications, and specifying their recipients, you can modify the notification templates that you selected. To meet the business and security requirements for your enterprise applications, tailor the content of these notifications.

  1. In the Identity Cloud Service console, expand the Navigation Drawer, click Settings, and then click Notifications.
  2. Click Email Templates.

    Tip:

    The notification templates that appear in the Email Templates tab reflect the selections you made in the Configure tab. See Select Notifications.
  3. Expand a notification template by clicking the right-arrow button that's associated with the template.
  4. To modify a notification template, use the following table:

    Important:

    When adding or changing a variable in an email template, ensure that you use the correct syntax. For example, to use the variable user.displayName, the correct syntax is ${user.displayName}.
    Field Description
    Language

    Select the language for the notification.

    To see a preview of the notification in the language you select, click View and access the Email Body text area.

    Encoding Verify that UTF-8 appears as the character encoding for the notification (for security, encryption, and backward-compatibility purposes). This character encoding can encode all possible characters of the notification, or code points, in Unicode.
    From Email

    Verify that the email address for this field matches the email address you entered in the From Email Address field. This field is the email address that will appear in the From Email field for all notifications.

    If you haven't verified the domain or the email address, then this value will be the previously validated email address or email address from the previously validated domain. As soon as the domain or the email address is validated (the status changes from Pending Domain Validation or Pending Email Verification to Domain Verified or Email Verified), then the verified email address will appear in the From Email Address field for all notifications.

    Subject Enter or provide variables for content that appears in the Subject field of the email notification.
    Email Body

    The content of the notification template. In this text area, you can customize the content to meet your needs.

    In addition to a customization toolbar, Oracle Identity Cloud Service provides you with variables to use. These variables are replaced with values specific to your business at runtime. They are:
    • ${account.emailID}: The email address of the user's account from which an attempt is made to log in using a device, IP address, or web browser that Oracle Identity Cloud Service doesn’t recognize.

    • ${actorDisplayName}: The identity domain administrator's email address

    • ${admin.resource.name}: The name of the Kerberos application

    • ${authentication.targetApp}: The name of the Microsoft Active Directory domain that contains the account of the user who’s authenticating into Oracle Identity Cloud Service

    • ${bypasscode.expiry}: The time (in minutes) before a bypass code expires

    • ${bypasscode.usage}: How many times a bypass code can be used

    • ${bypasscode.value}: The bypass code that the user or administrator generates for use as part of the 2-Step Verification process

    • ${companyName}: The name of the company that will appear in the notification

      Note:

      When you use the ${companyName} variable, be sure to add your company name to the Company Name field in the Branding page. If you don't, then your company's details won't appear in email notifications, SMS notifications, or in the Oracle Mobile Authenticator (OMA) app when a user completes MFA enrollment. See Customize the Sign In Page for more information about populating the Company Name field.

    • ${contactEmails}: The system administrator's email address

    • ${date}: The date associated with the action of the notification (for example, resetting a password)

    • ${device.ipAddress}: The IP address from which an attempt is made to log in to a user's account, but which Oracle Identity Cloud Service doesn't recognize.

    • ${device.enrollmentURL}: The configuration URL containing parameters used to configure the Oracle Mobile Authenticator app

    • ${domain}: The realm (or domain) that contains the Kerberos application

    • ${email}: The email address that appears in the From Email Address field

    • ${emailId}: The user's email address

    • ${footerImage}: The image that will appear in the footer region of the notification

    • ${headerImage}: The image that will appear in the header region of the notification

    • ${homePageRedirectUrl}: The redirect URL for the notification that can be used if the link in the notification doesn't work. This URL redirects users to the Home page of Oracle Identity Cloud Service.

    • ${job.displayName}: The display name of the job that's started, canceled, completed, or failed

    • ${job.historyId}: The ID number of the job that's started, canceled, completed, or failed

    • ${kerberos.principalName}: The Kerberos principal name that the user uses to access the Kerberos application to perform authentication to applications that support it

    • ${linkExpirationTime}: A date-and-time stamp, after which the link in the notification will be expired

    • ${masked_UID}: The account of the user who requests a one-time passcode (OTP) to enroll in 2–Step Verification.

    • ${OTP}: The one-time passcode (OTP) that’s sent to a user for the user to complete 2–Step Verification.

    • ${quota.limit}: The allowable quota limit for the resource type. If an administrator can create 500,000 user accounts, then 500,000 represents the quota limit.

    • ${quota.resourceType}: The classification type of the Oracle Identity Cloud Service entity (or resource) for which there is a quota limit (for example, users)

    • ${quota.usage}: Records of the resource type that were created. If an administrator created 600,000 accounts, then 600,000 represents the quota usage.

    • ${redirectUrl}: The redirect URL for the notification that can be used if the link in the notification doesn't work

    • ${request.createdOn}: The date and time that the request was created

    • ${request.requestedItem}: The groups or applications to which a user is requesting access

    • ${request.requesteeDisplayName}: The display name of the user who submitted a request for access to groups or applications

    • ${tenantName}: The name of the identity domain (or tenant)

    • ${time}: The time associated with the action of the notification

    • ${user.displayName}: The user's first name and last name (or display name)

    • ${user.userName}: The user's user name

    • ${userToken}: A token that Oracle Identity Cloud Service uses to identify the user

    • ${validity}: The amount of time (in minutes), after which the OTP will no longer be valid. As a result, the user can’t use it to enroll in 2–Step Verification.

    Tip:

    To undo the changes that you make to a notification template, click Cancel. If you click Cancel, then all your changes are lost.
  5. Click Save.
  6. In the Confirmation window, click OK.