First Login
Default Credentials
OrbisID ships with a single administrator account:
| Field | Value |
|---|---|
| Username | admin |
| Password | ChangeMe123! |
Change the default password immediately after your first login. The default credentials are publicly documented.
Logging In
- Open your OrbisID instance in a browser (e.g.,
https://your-orbisid-host) - Enter the default username and password
- You will be prompted to set a new password
If OIDC/SSO has been configured (Enterprise edition), a Sign in with SSO button will also appear.
Changing Your Password
After login, you can change your password at any time:
- Click your username in the top-right corner
- Select Profile
- Enter your current password and choose a new one
Passwords must meet the requirements defined in the Password Policy.
Session Behaviour
| Behaviour | Value |
|---|---|
| Inactivity timeout | 60 minutes |
| Absolute session lifetime | 8 hours |
| Failed login lockout | 5 attempts |
| Lockout duration | 30 minutes |
After 60 minutes of inactivity (no API calls), you will be redirected to the login page. Sessions also expire 8 hours after login regardless of activity.
If you enter an incorrect password 5 times in a row, the account is locked for 30 minutes.
User Interface Overview
The OrbisID interface is divided into:
- Sidebar (left) - main navigation grouped by function
- Content area (centre) - the active page
- Header (top) - user menu, notifications, version info
Navigation Structure
Roles
OrbisID has three user roles. Each role includes all permissions of the roles below it.
| Role | Access |
|---|---|
| Administrator | Full access including user management, settings, API keys, licence, and OIDC configuration |
| IAM Governance Manager | Can manage systems, credentials, scan policies, identities, and PAM inventory |
| IAM Governance Analyst | Read-only access to dashboards, reports, accounts, KRIs, and scan history |
Menu items that require a higher role or a licence upgrade are hidden or show a lock icon.