If your users are authenticating using one of the Directory Authenticators (Active Directory or one of the LDAP type authenticators), you can configure Cloud Access Manager to use a second factor of authentication in addition to a password. The secondary authentication methods available are:
The configuration options for these methods are described in the following sections.
Complete the RADIUS Connection Settings to allow Cloud Access Manager to connect to an authentication service using the Remote Authentication Dial-In User Service (RADIUS) protocol. Please refer to Table 1 for a detailed explanation of each feature.
|
To determine whether Cloud Access Manager has connectivity to the RADIUS authentication service. |
|
1 |
Select the Enable certificate revocation list checking box. This will prompt Cloud Access Manager to check the Certificate Authority's Certificate Revocation List (CRL) to ensure the user's certificate has not been revoked. If the user's certificate has been revoked, the login request will be denied. |
|
3 |
For detailed instructions on smart card configuration, please refer to Configuring smart card authentication.
Defender as a Service is a cloud based authentication service that allows users to self-register and then access their one time passwords on both mobile and desktop devices. For further information on accessing Defender as a Service and using Cloud Access Manager to authenticate Defender as a Service users, please refer to Configuring each application.
|
Enter the name of the attribute from the primary directory (Active Directory / LDAP) whose value is to be relayed to the Defender as a Service authentication service to identify the user. The default attribute is mobile, this usually contains the user's mobile telephone number. | |
© 2025 One Identity LLC. ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center
