![]() ![]() ![]() If you have not already aggregated accounts from your RSA source, aggregate those accounts.Ĭonfigure RSA SecurID as an available password reset or strong authentication method for your identity profiles. Go to Admin > Connections > Integrations > RSA SecurID.įor Source, select the RSA Authentication Manager source.īecause only one RSA source can be configured for the integration, only users from this RSA source will be able to use RSA strong authentication methods. You are now ready to integrate RSA SecurID in IdentityNow. Refer to the RSA SecurID documentation for configuration guidance. This includes setting up a PIN and being able to receive an RSA token.Ĭonfigure RSA to accept a SecurID from your users in a format IdentityNow supports. To use RSA strong authentication in IdentityNow, your users must complete their RSA accounts. Never set the Authentication policy to Bypass 2FA. The integration name is important because it shows up in the Duo Push request sent when a user authenticates with Duo.ĭo not apply a Remembered Devices policy to the SailPoint Web application.ĭo not apply a New Users policy, Authentication policy, Authorized Networks, or User Location policy that allows access without two-factor authentication to the SailPoint Web application. (Optional) Change the integration name to a custom name configured for your organization. Refer to Duo - Protecting Applications for more information. In the Duo Admin Panel, go to Applications > Protect an Application and select SailPoint Web.Follow the Duo Security directions to configure Duo 2FA for SailPoint IdentityNow.You must first configure and then integrate Duo Web with IdentityNow. You can use the mobile browser instead.įor strong authentication, use Duo Security. The IdentityNow mobile app does not support password reset or unlocks for end users authenticating via Duo Web. Under Duo Username, select the identity attribute that corresponds with users' Duo Security user names. Go to Admin > Connections > Integrations > Duo Security.Ĭomplete all the available fields based on the information provided by Duo when you created the required integration. ![]() For security purposes, the user does not have the opportunity to enroll in Duo during strong authentication. If a user has not enrolled in Duo or has not registered a device, the Duo strong authentication methods will not be displayed. If a user has not enrolled in Duo or has not registered a device, the Duo authentication options will be disabled and a link is displayed to the user that takes them to a registration page. Your users must register at least one device in Duo to use these features. Disabling a user in Duo causes the Duo authentication options to be disabled in IdentityNow for the user. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |