Authentication and security
Configure authenticators, risk engines, resource rules, and authentication methods to protect access to your applications and APIs.
Topics in this section
Manage group policies
Group policies allow you to override global settings for particular groups of users. When you create a group policy and change a setting, the change applies to the group assigned to the policy. For example, you have a group of users, such as users of a bank who authenticate to your banking system using OTP. For enhanced security purposes, you want the length of the OTP to be longer than the length set in the Global settings but your other users do not need the enhanced security. With the group policy, you can override the OTP length in the group policy setting for the users requiring enhanced security and maintain the OTP length set in the Global settings for your members that do not belong to the group.
Manage authenticators
18 items
Manage external risk engines
3 items
Create and manage resource rules
4 items
Manage Certificate Authorities
5 items
Configure domain controller certificates
2 items
Manage Device Verification
3 items
Manage Smart Login
5 items
Manage Cross Origin Resource Sharing (CORS)
The Cross Origin Resource Sharing (CORS) feature prevents a Web page from making a request initiated from another origin. When enabled, other origins can make API calls to your account. By default, CORS is enabled for new IDaaS accounts.
Manage IP Lists
You can configure IPs and CIDRs (Classless Inter-Domain Routing) as IP Lists and add them to an Administration API application. IP Lists restrict user access only to IDaaS Admin API applications linked to the IP addresses included in the IP List. IP Lists can also be associated to IP source addresses in resource rules to be used to restrict user access based on the IPs defined in the list.
Passkey
4 items