Configuring step-up authentication for an application is a two stage procedure. The:
|
NOTE: If multiple front-end authenticators are configured, step-up authentication is only available for users who authenticate with front-end authenticators that have two-factor authentication configured. |
To configure the front-end authenticator for step-up authentication
To configure the application for step-up authentication
From the list, select the users who will require two factor authentication to access the application. This will be either:
If you are configuring role based access, select the required roles from the Standard authentication roles list and click Add Role to add the role to the list of Two factor authentication roles.
Two factor authentication may also be applied only for external users. In this context, external users are defined as users whose IP addresses do not fall in the following ranges:
Two factor authentication for external users may be configured either to apply to all applications, or it can be configured on a per application basis.
To configure two factor authentication for external users for all applications
To configure two factor authentication for external users for specific applications
Integrating Cloud Access Manager with One Identity Starling allows you to take advantage of companion features from Starling services, such as Starling Two-Factor Authentication and Starling Identity Analytics & Risk Intelligence.
In order to use Starling 2FA with Cloud Access Manager, you first need to join Cloud Access Manager to Starling. This is done using the One Identity Starling section of the Features page. This section also includes the following links, which provide assistance with Starling:
In order to join Cloud Access Manager with Starling, first configure the following:
To join Cloud Access Manager to One Identity Starling
In the One Identity Starling section, click Join to Starling.
|
NOTE: The following additional information may be required:
|
Click Save.
To unjoin Cloud Access Manager from Starling 2FA
In the One Identity Starling section, click Unjoin Starling.
Cloud Access Manager will no longer be joined to Starling. A Starling Organization Admin account or Collaborator account associated with the One Identity Hybrid subscription can rejoin Cloud Access Manager to Starling at any time.
Obtaining a signed certificate
Replacing an expiring certificate
Installing a fully signed certificate from a certificate archive file
When you install Cloud Access Manager, a temporary self-signed certificate is created for the proxy and stored in the database. This section describes how to replace the temporary certificate with a fully signed, trusted certificate.
© 2024 One Identity LLC. ALL RIGHTS RESERVED. Términos de uso Privacidad Cookie Preference Center