Starling Two-Factor Authentication Hosted - RADIUS Agent Administrator Guide

Starling Two Factor RADIUS Agent settings

You can configure Starling Two-Factor RADIUS Agent for two-factor authentication by setting the required parameters in Starling Two-Factor RADIUS Agent Configuration window. The configuration window allows you to configure the RADIUS Agent sever details, your Starling Two-Factor Authentication subscription details, push notification details, user repository details and the client details. These details are required to carry out two-factor authentication.

Configuring RADIUS Agent Server Settings

To configure Server settings

In the Server Settings section, provide the following details:

  • IP address: IP address of RADIUS Agent server, which will be validating the authentication requests. The field lists all the IP addresses (ipv4 addresses) on the server and displays the first server in the list. You can select the IP that you want to use for authentication.
  • Port number: The port number, which RADIUS Agent will be using to receive authentication requests. The default port is 1812. You must manually configure the firewall exceptions to allow Starling Two-Factor RADIUS Agent traffic on the selected port.

 

Click Save Settings after completing the configuration.

NOTE: The Starling Two-Factor RADIUS Agent service must be restarted to save the changes. On clicking Save Settings, the Starling Two-Factor RADIUS Agent configuration dialog appears, prompting the user to restart the service.


Connecting with Starling for Authentication

NOTE: To obtain a Starling Two-Factor Authentication subscription, click the following link: https://www.cloud.oneidentity.com/

To configure One Identity Starling for authentication

  1. On the Starling Two-Factor RADIUS Agent window, click Connect Starling. The Connect Starling window is displayed.
  2. Click Connect my account. You are redirected to One Identity Starling authentication window.
  3. Provide your Starling credentials and click Sign in.

    If you are a member of more than one Starling organization, choose the organization you want to connect to, from the dropdown box. Click Connect.

After successful authentication, you will be redirected back to One Identity Starling Two-Factor Authentication Connect Starling window. You can connect to a different organization in your One Identity Starling account by clicking Change Account. If the process of changing accounts is not successful, the previously connected account will be used.

If One Identity Starling Two-Factor RADIUS Agent is uninstalled, details regarding the Starling Two-Factor RADIUS Agent gets deleted from the Starling account.

NOTE: If there are network issues or if Starling is down, your account is disconnected. In such cases, click Reconnect. To test the validity of your account connection, click Test connection.

NOTE: If you have a Starling account when trying to join Starling, you will receive a Starling invitation email. Click the link in the email and log in to the Starling account. If your Starling account belongs to multiple organizations, you can select the organization to which Starling Two-Factor RADIUS Agent must be joined.

NOTE: If you do not have a Starling account, while you are trying to join to Starling, you will get a Starling Sign-Up email to complete a registration process to create a Starling account. Complete the registration and login using the credentials that you have provided during registration. For account creation details, see the One Identity Starling User Guide.

Push Notifications

Push notifications enable Starling 2FA mobile app to receive requests to approve an authentication attempt. Configuration of push notifications facilitate an end-to-end encrypted communication between the application and a secured authentication service. Accurate configuration of push notification enables the user to Approve or Deny a login attempt. Push notifications are configured by default.

Configure the following Starling Two-Factor Authentication push notification settings:

    • Message: This is the message that would be displayed in the Starling 2FA app. The character limit for the message is mentioned below:
      • The message must comprise of less than or equal to 50 characters.

      • The message must comprise of more than or equal to 10 characters.

    • Timeout (seconds): Timeout determines the duration for which the push notification request received on Starling 2FA app is valid. For example, if the value of the timeout is set as 30 seconds, the validity of the notification would last for 30 seconds only. The value can be selected from the drop-down menu. If Other is selected from the drop-down menu, the timeout value must be entered in the Other field that appears below the drop-down menu. The Other option is provided so that a user can customize the timeout value. The default value for timeout is 30 seconds.

     

Click Save Settings after completing the configuration.

Related Documents