Administration Settings

In Administration SETTINGS, shared space admins can configure the shared space by setting properties and enabling features on the UFT Mobile server.

When using UFT Mobile as a managed service provided by an MSP or when shared spaces are enabled during installation, some settings may be controlled globally. For details, see Shared space management (on-premises).

Configure settings

To configure administration settings:

Select a category from the left panel. After you modify the settings in a specific section, click Verify and Save and wait for the server to acknowledge your changes.

To erase the changes that you made, click Discard Changes in the top right of the screen.

Note: Some properties and settings are only available for Trial, Enterprise, and Ultimate license types. For details, see UFT Mobile editions.

Back to top


This section lets you configure general settings, such as compatibility validation, lock duration (for consecutive failed logins on the account and for idle devices), and password expiration time.

The following table provides additional information regarding some general settings:

Enable WebSocket Security When this setting is enabled, all testing tools and integrated products connecting to UFT Mobile must use an execution key for authenticating the connection. For details, see Access key management.
Password expiration

The default password expiration is 180 days. Twenty days before the expiration date, UFT Mobile issues a warning to the user to change the password. A "0" value indicates no expiration date.

If a user's password expires or if a user forgets their password, the shared space admin can reset it from Lab Management, or using a script. For details, see Manage user accounts with scripts (on-premises).

Lock duration

To prevent users from being locked out after entering a wrong password three times, set the Lock duration to "0".

Collect usage data One type of data collection is for the purpose of evaluating the usage of your lab resources. You can download CSV reports from the console containing reservation, device, app, and job information.
Single-Sign-On init string

This is mandatory for integration with the ALM extension for UFT Mobile. Paste in the value of the COMMUNICATION_SECURITY_PASSPHRASE flag from the ALM Site Administration. If you leave this field empty, single sign-on will not work. For details, see Open the UFT Mobile wizard.

Permission to gather data

Allow collection of data to be used internal by Micro Focus to improve the product, in accordance with the company’s privacy policy.

Limit application uploads Limit the number of uploads for each application. This makes it easier to manage the number of application uploads that need to be maintained and reduces load on the file storage system.
Application upload limit When you define the maximum upload limit, older uploads exceeding the limit are deleted. If you selected to delete old uploads of applications when upgrading the UFT Mobile, your settings will be copied over to this section.

Note that after the setting is enabled, or if the number of uploads to retain is decreased, the deletion of uploads will not be done immediately, but will be done in the background.
Execution/Connector max duration Set the maximum number of days that Execution and Connector access keys are valid. After the limit is reached, the keys expire. If you leave these fields blank, the keys have no expiration date. You can also enable a setting to remove expired keys automatically from the list of access keys.

For details on how to create access keys, see Access key management.
Prometheus integration Enable or disable the integration with Prometheus. After clicking verify and save, restart the server.

Back to top

Proxy setting (web access)

When using a proxy server, user this setting to configure the proxy server settings.

Back to top

Device reservation

This section lets you set the default reservation and extension durations, in minutes. In addition, you can set the default Dev Access duration.

Android packaging service

To enable record and replay functionality when testing certain apps, you need to repackage them with UFT Mobile libraries. These sections allow you to specify the host machine, port, and protocol for the Android packager. You can also specify if packaged apps should trust self-signed and Android system certificates. This is required when recording a script for load testing using the VuGen MITM protocol. For details, see App packaging and signing services.

iOS packaging service

Provide the details of the primary packager machine. You can also determine whether to connect to the packager machine via the proxy server defined in Proxy setting (web access).

Use the Add Service button to add another iOS packaging service, in addition to the primary one. You also indicate the workspace that will use the additional packaging service. Use the Remove button to remove packaging services that you added. The primary service cannot be removed.

If you enable SSL for the connection to the app packager, you use the self-signed certificate or a certificate issued by a Certificate Authority (CA). If you use a self-signed certificate, you can either import it to the UFT Mobile server as explained in Configure app signing services for iOS apps (on-premises) or disable the iOS app packager certificate validation setting.

Note that the Agents are always signed with the primary packaging service. For information on how to distribute the signed Agents automatically, see View and manage connectors (Admin only). This capability is only available for Trial, Ultimate, and Enterprise type licenses.

Back to top

iOS options

Globally control settings for all iOS devices.

Kanji keyboard support

When enabled, provides better support for the Kanji (Japanese) keyboard by looking up the key entered from the physical keyboard and passing it to the soft keyboard on the device screen. Note that this option should only be enabled for the Japanese keyboard. Note: The setting is supported on iOS 11.1 and later.

Prevent Auto-Lock When this option is enabled, UFT Mobile prevents the Auto-Lock if configured in the Settings on an iOS device, by waking up the device every 30 seconds.
Auto-dismiss system alerts when idle Sometimes, alerts such as iOS update notifications can interfere with the UFT Mobile device plug-and- play process.
When this option is enabled, UFT Mobile automatically dismisses system alerts every 15 seconds. To avoid interfering with tests, UFT Mobile will not dismiss alerts during record and replay.
Auto-dismiss alerts during app launch Alerts displayed during the launch of an app, for example a location permission request, may prevent UFT Mobile from identifying that the app was successfully launched.
When this option is enabled, UFT Mobile automatically dismisses system alerts during app launch.
Support for time and date changes

Note: Enable this option only if your test involves changing the time and date.

When enabled, this option prevents the remote view from freezing when the date or time is changed.


  • UFT Mobile dismisses alerts by selecting the negative option. For example, if the location permission alert is displayed, UFT Mobile will select Don’t Allow.
  • The options above are currently supported only for English locale.

Amazon Device Farm integration

Amazon Device Farm (ADF) integration lets you use devices from the Amazon farm for testing purposes.

In this section, you provide the AWS security credentials. If you created a project that you want to use through the EC2 interface, specify its name here.

For details, see AWS Device Farm integration or follow the links to the AWS documentation in this pane.


  • These settings override any other settings that you may have defined for your test in the EC2 instance.
  • When you disable ADF integration, the change may take up to 10 minutes to take effect.

Back to top

User permissions

You can define permissions for users in your workspace regarding actions on apps and devices. By default, users have permissions to perform all actions.

Device actions

For devices, you can indicate whether non-admin users are permitted to:

  • Restart a device
  • Reconnect a device
  • Remove a disconnected device
  • Change a device name
  • Change the device settings on either (or both) Android and iOS devices. When you restrict non-admin users from accessing the device Settings, the icon is displayed on the device card.

Considerations when restricting access to device settings:


When the restriction is applied, the Settings app cannot be launched.


1. Remove all the accounts on the device (Settings > Account).

  • Some apps automatically add an additional account. After enabling the UFT Mobile setting, check that the account has not returned.
  • On some devices, there is a setting called Users. Delete any New user items.

2. Reconnect the device.

Note that after the administration setting is enabled and the icon is displayed, you can add the accounts back.


When the restriction is applied, the Settings app can still be launched but no action can be performed on it.

iOS versions lower than 11 using the UIA test framework

Access is blocked only for replay. Manual control is not blocked. Note that the icon is still displayed.

General Note: If restricting manual control fails for some reason (for example, if the accounts were not removed from the Android device) the icon will be displayed on the device.

App actions

For apps, you can indicate whether non-admin users are permitted to upload an app, install an app, or delete an app.

Note: Connecting to ADF devices is not supported when non - admin users are restricted from installing apps on devices.

Back to top

Network Virtualization integration

This section lets you specify the NV Test Manager machine information, its authentication token, and the protocol to use (HTTP or HTTPS).

For details about these settings, see Set up Network Virtualization integration in UFT Mobile (on-premises).

For information on how to set up your machine and devices, see Network Virtualization integration (on-premises).

Back to top

LDAP integration

If your organization uses LDAP to manage user accounts, you can allow users to access UFT Mobile with their LDAP credentials.

When using shared spaces, some settings are controlled globally by the operator. For details, see Shared space management (on-premises).

Note for UFT Mobile SaaS: The LDAP must be accessible over the internet. Add the UFT Mobile SaaS address to your allowlist if needed.

To enable the integration:

When you enable LDAP mode, the configuration for at least one LDAP server must be provided. You can add multiple LDAP server configurations, provided that the host, port, and base DN of each server is unique. If you plan to assign an LDAP group to a workspace, either the User Group membership attribute, or the Group membership attribute must be specified in the LDAP server configuration.

When the Assign users to default workspace setting is enabled in Administration Settings, a user will be assigned to the Default workspace:

  • if there is no LDAP server/group assigned to the Default workspace OR
  • if an LDAP server/group is assigned to the Default workspace, and the user is included in the server/groups.

Click ADD SERVER and specify the server details, including:

Friendly Name This is the name used when displaying the details of the LDAP server, and helps you to recognize the server.
Hostname and Port Provide the hostname of IP address of the LDAP server, and the port used.
Base DN The base distinguished name identifies the section of the directory where searches start.
User search filter The User Search Filter setting indicates the form of the LDAP query used to find a user during login. It must include the pattern {0}, which is replaced with the relevant user details entered when a user logs in to UFT Mobile. If you specify CN={0}, it uses the Common Name (CN) for the LDAP query. If you specify mail = {0}, the email is used.
User name attribute

The LDAP attribute to use for the display name of the user in UFT Mobile.
Note: Changing this attribute is not supported. If you need to change this attribute, you will need to disable the LDAP integration which will remove all users.

User group membership attribute A user attribute that indicates the groups to which the user belongs, for example memberOf.
Group membership attribute

A group attribute holding the list of group members. For example, uniqueMember or member.

Notes for upgrading:

  • Important: If you are upgrading to UFT Mobile 3.5 from version 3.3 or earlier, log in to UFT Mobile with the default user In Administration > SETTINGS, check that the user name attribute is the same as the attribute used in the user search filter. Not performing this step may result in duplication of users.

  • If LDAP was configured before the upgrade, the LDAP server configuration will remain as it was and users will be able to continue to log in as usual. The friendly name for the server will be Server 1.

Important: When you enable or disable LDAP mode, all existing users, excluding, are deleted.

For details on how to work with LDAP users, see Use UFT Mobile with LDAP. To use secure LDAP (SSL), see Use secure LDAP on the UFT Mobile server .

To delete an LDAP server configuration:

Click REMOVE. If the server, or groups included in the LDAP server, were assigned to one or more workspaces, the assignments will be removed. Users included in the server/groups will no longer be able to log in to UFT Mobile.

Note that when LDAP mode is enabled, you require at least one LDAP server configuration.

Back to top

SAML SSO integration

UFT Mobile supports single-sign on via SAML 2.0. SAML (Security Assertion Markup Language) is an XML-based standard for exchanging authentication and authorization data between an identity provider (IdP) and a service provider, such as UFT Mobile. In this section of settings, you can enable single-sign-on (SSO). This way, users can use one set of credentials for logging into UFT Mobile, as they do for logging into other SSO applications in their organization.

Note: When configuring UFT Mobile to work with SAML SSO, the connection to the UFT Mobile must be over SSL. For details, see UFT Mobile - Windows Installation (on-premises) or UFT Mobile- Linux Installation (on-premises).

To enable SAML SSO integration, you need to add UFT Mobile to your Identity Provider (IdP). Refer to your Identity Provider documentation for instructions on how to configure your IdP for a new SAML 2.0 application. You will need information (metadata) about UFT Mobile when configuring your IdP. Download this by clicking the DOWNLOAD UFT Mobile METADATA link.

You will also need to add the following information from your IdP to UFT Mobile, so that SAML-based authentication requests can be sent to your IdP:

IdP SAML metadata

This can be a URL, or you can copy and paste the contents of the IdP metadata .xml file into this field.

Administrator login name

This is a user, defined in the IdP, that will be granted UFT Mobile administrator permissions. Initially, only this user will be able to access the Administration menu to perform administration tasks such as configuring settings, and managing workspaces, licenses, and access keys. The administrator can assign admin permissions to additional users by changing the user role in Administration > Settings > Users. For details, see .

Username attribute identifier

User attributes are information used to identify individual users. In this field, provide the SAML attribute name for the username attribute that the IdP uses for identification on sign in. Depending on how you configured your IdP, the username attribute for signing in can be an email address, or a unique user name.

Tip: Find the attribute identifier in the AttributeStatement section of the IdP SAML response. Look for the SAML attribute name with a value that equals the attribute that IdP uses for identification on sign in.

For example, if email address is used for authentication of users against the IdP, the identifier in the example below is

Alternatively, use {$id} to take the username from the subject of the SAML assertion, and not from Attribute section.

After you have successfully defined the SSO settings, or if you update any of the settings, you will be prompted to log out and to log in again using your organization credentials. If you disable SAML SSO, you will need to use your UFT Mobile credentials to log in again.

Note: When you enable or disable the SSO setting, all existing users, excluding, will be deleted.

If you enabled SSO but cannot log in to UFT Mobile as an administrator, for example, if you wrongly configured the administrator user, you can disable SAML SSO by running the User management script.

Note for UFT Mobile SaaS: The IdP must be accessible over the internet. Add the UFT Mobile SaaS address to your allowlist if needed.

Back to top

UFT Mobile hosted device lab integration

This section lets you enable integration with a UFT Mobile hosted device lab and specify the Oauth2 credentials needed to access the devices.

Micro Focus provides you with the access key when you purchase your UFT Mobile hosted devices contract. For details, see the Hosted devices datasheet.

Back to top

Service Virtualization (SV) integration

This section lets you enable Micro Focus Service Virtualization (SV) instrumentation when uploading apps.

This integration enables you to virtualize your sensors, APIs, and devices. For details, see Set up Service Virtualization (on-premises)and Use Service Virtualization (on-premises).

Back to top

AutoPass license server configuration

Required only when using a time-based device minutes license. After installing the AutoPass license server, specify the details of the AutoPass server machine. For details, see License installation and management.

Back to top

Genymotion integration

This section lets you specify the account to use for integration with Genymotion cloud devices. For details, see Genymotion Cloud integration.

Back to top

Defect Tracking System integration

Integrate UFT Mobile with Micro Focus Octane to open defects directly from exploratory sessions. Enable the integration setting, and then populate the fields as described below:

  • Specify the Octane URL where you want to manage your defects.
  • Include the Octane space ID. The space ID is the number that immediately follows the equals sign in the Octane URL, for example 45001 in the example below:
  • You can use your own customized Octane form (template) for filling in the description field of the defect. The template must include the placeholder UFTM_TEST_STEPS. The placeholder will be populated with the steps from the step report.

When saving the settings, the connection to Octane will be verified.

Note that this integration is not supported when shared spaces are enabled.

Back to top

Device Health Indication

This section lets you set the threshold values for the device health, for several metrics which represent the readiness of the device. If a device's metric exceeds a threshold value, its card displays a warning icon .

For example, the default battery temperature for an Android device is 45°. If UFT Mobile detects a temperature that exceeds 45°, the card displays a warning icon. Hover over the icon to see details about the exceeded threshold.

For more information, see View and manage devices.

Note that some metrics are only available for Android, while others only for iOS. The Thermal state metric is only supported for iOS versions greater than 10.

Back to top

See also: