Configuration parameter |
Meaning |
---|---|
QER | Person | Defender |
This configuration parameter specifies whether classic Starling Two-Factor Authentication integration is supported. |
QER | Person | Defender | ApiEndpoint |
This configuration parameter contains the URL of the Starling 2FA API end point used to register new users. |
QER | Person | Defender | ApiKey |
This configuration parameter contains your company's subscription key for accessing the Starling Two-Factor Authentication interface. |
QER | Person | Starling |
This configuration parameter specifies whether One Identity Starling Cloud is supported. Initiate your subscription within your One Identity on-prem product and join your on-prem solutions to our One Identity Starling Cloud platform. Giving your organization immediate access to a number of cloud-delivered microservices, which expand the capabilities of your One Identity on-prem solutions. We will continuously make available new products and features to our Starling Cloud platform. For a free trial of our One Identity Starling offerings and to get the latest product feature updates, visit cloud.oneidentity.com. |
QER | Person | Starling | ApiEndpoint |
This configuration parameter contains the touch endpoint for login to the One Identity Starling software-as-a-service platform. The value is determined by the Starling configuration wizard. |
QER | Person | Starling | ApiKey |
This configuration parameter contains the credential string for login to the One Identity Starling software-as-a-service platform. The value is determined by the Starling configuration wizard. |
You can set up multi-factor authentication for specific security-critical actions in One Identity Manager. You can use these, for example, for attestation or when approving requests in the Web Portal.
Use One Identity Manager One Identity Starling Two-Factor Authentication for multi-factor authentication. This service is normally provided over a One Identity Starling Cloud platform. If your company does not use a Starling Cloud, select the conventional Starling Two-Factor Authentication integration. Use configuration parameters to specify which of the two solutions are applied in your company.
To be able to use multi-factor authentication
-
Register your company in Starling Two-Factor Authentication.
For more detailed information, see the Starling Two-Factor Authentication documentation.
-
Specify which authentication solution is used.
-
To use Starling Cloud
-
Start the Launchpad.
-
Select Connection to Starling Cloud and click Run.
This starts the Starling Cloud configuration wizard.
-
Follow the Starling Cloud configuration wizard’s instruction.
The configuration parameters under QER | Person | Starling are enabled and the authentication information is entered.
-
-
To use conventional Starling Two-Factor Authentication integration
-
In the Designer, enable the QER | Person | Defender configuration parameter.
- Enable the QER | Person | Defender | ApiKey configuration parameter and enter your company’s subscription key as the value for accessing the Starling Two-Factor Authentication interface.
The default URL of the Starling 2FA API end point is already entered in the QER | Person | Defender | ApiEndpoint configuration parameter.
-
-
-
Enable assigning by event for the PersonHasQERResource table. For more information, see Editing table properties.
-
(Optional) Specify whether the security code must be requested from the Starling 2FA app. For more information, see Requesting a security code.
- (Optional) Specify whether requests can be approved using the Starling 2FA app. For more information, see Allowing approval decisions using the Starling 2FA app.
-
In the Manager, enable the New Starling 2FA token service item. For more information, see Preparing the Starling 2FA token request.
If the user's telephone number has changed, cancel the current Starling 2FA token and request a new one. If the Starling 2FA token is no longer required, cancel it anyway.
For detailed information, see the following guides:
Theme |
Guide |
---|---|
Preparing the IT Shop for multi-factor authentication |
One Identity Manager IT Shop Administration Guide |
Setting up multi-factor authentication for attestation |
One Identity Manager Attestation Administration Guide |
Setting up Starling Two-Factor Authentication in the web project |
One Identity Manager Web Application Configuration Guide |
Requesting the Starling 2FA Token Requesting products requiring multi-factor authentication Approving requests with multi-factor authentication Attestation with multi-factor authentication |
One Identity Manager Web Portal User Guide |