Versions Compared

Old Version 5

changes.mady.by.user Phillip Hanegan

Saved on

compared with

New Version Current

changes.mady.by.user Phillip Hanegan

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Adaptive Authentication rules can be assigned to any SSO application to force users to undergo further identity proofing before they can access that application under certain circumstances. EmpowerID provides two Adaptive Authentication rules that can be assigned to applications out of the box, the CheckLoginSpeed and the CheckUserDemographics rule.

  • CheckLoginSpeed — This rule checks the current time and location of the person attempting to login against the time and location of their last login to determine whether that person could reasonably do so under normal circumstances. For example, if the person logged in at 9:00AM from their office in Boston and then attempted to log in 45 minutes later from Seattle, this rule would consider the second log in attempt questionable as it would be impossible for the user to travel from Boston to Seattle in 45 minutes. The rule would then force the user to undergo further identity proofing.

  • CheckUserDemographics — This rule checks for missing person attributes, such as the user address or job title. If these attributes are missing, EmpowerID prompts the user to enter the missing information before proceeding to the application.

  • CheckPersonProofing — This rule checks to see if the person attempting to login has met the identity proofing requirements for your organization. If not, this rule would force the person to undergo further identity proofing.

Info

If your organization needs more rules, you can create them in Workflow Studio and publish them to your environment. Once published, you can add them to to your Password Manager policies as shown in this article.

...

Assign Adaptive Authentication

...

Rules

  1. From

    On the

    navigation sidebar

    navbar, expand 

    Applications and click Manage

    Single Sign-On and click Applications.

  2. From the Applications tab of the Find Applications page, search for the application to which you want to

    add an

    apply Adaptive Authentication

    Rule

    Rules and

    then

    click the Display Name link for that application.

    This opens Image Added

  3. On the Application Details page

    for the application. This page allows you to view information about the application and manage it as needed.
    From the Application Details page,

    that appears, select the SSO tab in the lower pane and expand the Adaptive Authentication Rules accordion

    and then click

    .

  4. Click the Add New Rule

    (+)

    button

    to the right of the grid

    .

    Image Added

  5. In the dialog that appears, do the following:

    1. Select the rule you want to assign to the application from the Rule drop-down.

    2. Set the priority for the rule in the Priority field. The lower the number the higher the priority. When more than one Rule is assigned to an application, EmpowerID directs users to the rule with the highest priority first and then to the rule with the next highest priority and so on.

    3. Click Save.

      Image Added


      Insert excerpt
      IL:External Stylesheet - Test
      IL:External Stylesheet - Test
      nopaneltrue