Authentication Configuration

From idenprotect Knowledge Base
Jump to: navigation, search

If you have not made any configuration changes yet, please see How to make configuration changes

Introduction

idenprotect Core Platform can use the Secure Enclave keys for signing transactions. For example, if someone creates or modifies an Active Directory account they can be asked to authorize this transaction.


Configuring Authentication

This configuration can be found in: -

  • Authentication section in the idenprotect Core Platform Admin Console Config Tab
  • Server file system in /etc/idenprotect/authorization.properties
Parameters for One Time Passcode
Parameter in Config Tab Parameter in Properties File Description
Is Authorization Allowed? policy.authorization.allowed This policy determines if the mobile client should display an authorization button
Authorization Session Expiry policy.authorisation.session.expiry The number of seconds that an expiry session will be valid for
Certificate Based Identification Policy policy.identification.certPolicy How a user is matched from a presented certificate
Maximum Failed Login Attempts policy.max.failed.login.attempts The maximum number of failed login attempts permitted by a user before their account is locked
Maximum Idle Days policy.max.idle.days The maximum number of days a user can go without activity before their account is idle-locked
Maximum Event History policy.max.event.history The maximum number of recent events to keep and display for a user