Versions Compared

Old Version 1

changes.mady.by.user Phillip Hanegan

Saved on

compared with

New Version Current

changes.mady.by.user Phillip Hanegan

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Adaptive Authentication rules can be assigned to any Single Sign-On (SSO) application to force require users to undergo further additional identity proofing before they can access that accessing the application under certain circumstancesconditions. EmpowerID provides two the following out-of-the-box Adaptive Authentication rules that can be assigned to applications out of the box, the CheckLoginSpeed and the CheckUserDemographics rule.policies:

  1. CheckLoginSpeed – This rule

...

  1. compares the current time and location of the person attempting to

...

  1. log in with the time and location of their last login to determine whether

...

  1. the login attempt is reasonable under normal circumstances. For

...

  1. instance, if

...

  1. a person logged in at 9:00 AM from their office in Boston and then attempted to log in 45 minutes later from Seattle, this rule would consider the second login attempt questionable

...

  1. due to the impossibility of traveling from Boston to Seattle

...

  1. within 45 minutes. The rule would then

...

  1. require the user to undergo further identity proofing.

  2. CheckUserDemographics – This rule

...

  1. examines missing person attributes, such as the user's address or job title. If these attributes are

...

  1. absent, EmpowerID prompts the user to

...

  1. provide the missing information before

...

  1. granting access to the application.

  2. CheckPersonProofing – This rule

...

  1. verifies if the person attempting to log in has

...

  1. satisfied the identity-proofing requirements for your organization. If not, this rule

...

  1. enforces further identity proofing.

Info

If your organization needs more rules, you can create them in Workflow Studio and publish them to your environment. Once published, you can add them to to your Password Manager policies applications as shown in this article.

Assign Adaptive Authentication Rules

  1. On the navbar, expand Single Sign-On and click Applications.

  2. From the Applications tab of the Find Applications page, search for the application to which you want to apply Adaptive Authentication Rules and click the Display Name link for that application.

    Image Modified

  3. On the Application Details page that appears, select the SSO tab in the lower pane and expand the Adaptive Authentication Rules accordion.

  4. Click the Add New Rule button.

    Image Modified

  5. In the dialog that appears, do the following:

    1. Select the rule you want to assign to the application from the Rule drop-down.

    2. Set the priority for the rule in the Priority field. The lower the number, the higher the priority. When more than one Rule is assigned to an application, EmpowerID directs users to the rule with the highest priority first

...

    1. , then to the rule with the next highest priority, and so on.

    2. Click Save.

      Image Modified

Insert excerpt
IL:External Stylesheet
IL:External Stylesheet
nopaneltrue