Documentation

 

 

If you are a new customer, for optimum performance, especially for large enterprises, install the SecureAuth RADIUS server separately from the IdP or Identity Platform server. If in doubt, contact SecureAuth Support.

  • SecureAuth IdP version 9.1 or later
  • Hybrid: Authentication API (v9.1+) configured and enabled on the realm
  • Cloud: Authentication Apps (19.07+) configured and enabled on Identity Platform, plus Authentication API (v9.2+) configured and enabled on the realm

Supported SecureAuth IdP features

See the SecureAuth compatibility guide for product and component compatibility with operating systems, Authenticate app, browsers, Java, data stores, identity types, SSO/post-authentication actions, Login for Windows, Login for Mac, and YubiKey.

SecureAuth IdP featuresSecureAuth IdP versionConfiguration notes
Adaptive Authentication

v9.1+

Configure threat checking for:

  • User Groups – See Adaptive Authentication for RADIUS responses with user group checking enabled.
  • End user Client IPs – Cisco, NetScaler, and Palo Alto Networks platforms only.
Push-to-Accept

v9.1+


Attribute Mapping

v9.1+

Configure and enable Identity Management API (v9.1+) on the realm to grant / deny end user login access.

Group based authentication – Optionally configure Membership Connection Settings  to grant / deny login access:

  • Specify the name of the user group to be granted / denied access, or
  • Designate a Property from Profile Fields to identify the user group to be granted / denied access.
UPN Logon

v9.1+


Multi-Factor Authentication methods

SecureAuth IdP versionSecureAuth IdP v9.x supported server and required components
Time-based One-Time Passcode (TOTP)v9.1+

NetMotion Wireless VPN:

  • PEAP protocol support requirements:
    • Public or private certificate
    • .PFX file
    • Private Key and Private Key Password
  • Microsoft Visual C++ requirements:

NOTE: SecureAuth employees, refer to NetMotion Mobility RADIUS configuration guide.

HMAC-based One-Time Passcode (HOTP)v9.1+
SMS (OTP only)v9.1+
Phonev9.1+
Email (OTP only)v9.1+
Passcode OTP (Push Notification)v9.1+
Mobile Login Requestv9.1+
PINv9.1+
Yubico OTP Tokenv9.2+
Symbol-to-Accept (Protect package and higher only)v9.3+
Fingerprint Recognition (Prevent package only)v19.07+, using 2019 theme
Face Recognition (Prevent package only)v19.07+, using 2019 theme
  • No labels