Chat now with support
Chat with Support

Identity Manager 8.0 - Web Application Configuration Guide

Starling Two-Factor Authentication

Starling Two-Factor Authentication

Multi-factor authentication guarantees better security for logging into web applications. One Identity Manager tools user Starling Two-Factor Authentication for multi-factor authentication.

The following prerequisites must be fulfilled to use Starling Two-Factor Authentication:

  • Users must have a registered Starling 2FA token.
  • Use of an employee-related authentication module, for example "Person (role-based)"

Starling Two-Factor Authentication takes place after initial database login and is independent of it. At web application level, every access attempt is prevented until Starling Two-Factor Authentication has been executed.

Setting up Starling Two-Factor Authentication

Setting up Starling Two-Factor Authentication

Table 10: Configuration Parameter for Multi-Factor Authentication

Configuration Parameter

Description

VI_Common_RequiresAccessControl

Requires authentication for web applications.

VI_Common_AccessControl_StarlingEnabled

Enables use of Starling Two-Factor Authentication.

Multi-factor authentication is done in the web project in the Web Designer.

To set up Starling Two-Factor Authentication

  1. Open the Web Designer.
  2. Open a module and search for "VI_Common_RequiresAccessControl" in the definition tree view.
  3. Mark the configuration parameter "VI_Common_RequiresAccessControl" in the definition tree view and set the value to true in the node editor view.
  4. Mark the configuration parameter "VI_Common_AccessControl_StarlingEnabled" in the definition tree view and set the value to true in the node editor view.

Starling Two-Factor Authentication for Specific People

Starling Two-Factor Authentication for Specific People

Table 11: Configuration Parameter for Multi-Factor Authentication for Specific People

Configuration Parameter

Description

VI_Common_AccessControl_Filter

Sets up multi-factor authentication for specific people.

You need to specify, which people can use multi-factor authentication in your web project.

To set up Starling Two-Factor Authentication only for specific people

  1. Open the Web Designer.
  2. Open a module and search for "VI_Common_AccessControl_Filter" in the definition tree view.
  3. Mark the configuration parameter "VI_Common_AccessControl_Filter" in the definition tree view.
  4. Enter a filter condition in the node editor view that only matches people who require multi-factor authentication.

Logging in without Starling 2FA Tokens

Logging in without Starling 2FA Tokens

Table 12: Configuration Parameter for Logging in without Multi-Factor Authentication

Configuration parameter

Description

Setting

True

false

VI_Common_AccessControl_Starling_AllowUnregistered

Allows users to log in to the web application without multi-factor authentication.

Users without a registered Starling 2FA token can log in to the web application without Starling Two-Factor Authentication.

Users without a registered Starling 2FA token cannot log in to the web application.

You can configure your web project to allow users without multi-factor authentication to log in to the web application.

To log in without Starling 2FA tokens

  1. Open the Web Designer.
  2. Open a module and search for "VI_Common_AccessControl_Starling_AllowUnregistered" in the definition tree view.
  3. Mark the configuration parameter "VI_Common_AccessControl_Starling_AllowUnregistered" in the definition tree view.
  4. Set the value in the node editor view to true.
Related Documents