Authentication Configuration
From iDENprotect Knowledge Base
If you have not made any configuration changes yet, please see How to make configuration changes
Introduction
idenprotect Core Platform can use the Secure Enclave keys for signing transactions. For example, if someone creates or modifies an Active Directory account they can be asked to authorize this transaction.
Configuring Authentication
This configuration can be found in: -
- Authentication section in the idenprotect Core Platform Admin Console Config Tab
- Server file system in
/etc/idenprotect/authorization.properties
| Parameter in Config Tab | Parameter in Properties File | Description |
|---|---|---|
Is Authorization Allowed?
|
policy.authorization.allowed
|
This policy determines if the mobile client should display an authorization button |
Authorization Session Expiry
|
policy.authorisation.session.expiry
|
The number of seconds that an expiry session will be valid for |
Certificate Based Identification Policy
|
policy.identification.certPolicy
|
How a user is matched from a presented certificate |
Maximum Failed Login Attempts
|
policy.max.failed.login.attempts
|
The maximum number of failed login attempts permitted by a user before their account is locked |
Maximum Idle Days
|
policy.max.idle.days
|
The maximum number of days a user can go without activity before their account is idle-locked |
Maximum Event History
|
policy.max.event.history
|
The maximum number of recent events to keep and display for a user |
