Authentication policy
Authentication policies are used to define general parameters to control authentication behavior. These include the following parameters:
- Failed authentication count
- Auto unlock
- Session token life
To create a new Authentication Policy, follow the steps below:
By default, there are two authentication policies in OpenIAM. However, the uses can easily create a customized one as needed. To create a new authentication policy:
- Login to the Webconsole
- Go to Policy -> Authentication Policy
- Click
Create new authentication policyfrom the side bar. You will see the form show below
Complete the form using the table below for reference.
| Parameter Name | Description |
|---|---|
| Auto unlock time | Time in minutes when a locked account will automatically unlock. |
| BaseDN | |
| Failed Auth count | Number of times where a consecutive authentication failure will lock the account |
| Fail Url | External URL where the user will be redirected after failed authentication attempts. This URL overrides default behavior and is not normally necessary. |
| Host login | |
| Host password | |
| Host URL | |
| Key Attributes | |
| Login Module Sel Policy | |
| Managed sys ID | |
| Protocol | Communication protocol: CLEAR, SSL, TLS. It is an important parameter to show what is going to be used a the back end to authenticate |
| Success URL | External URL where the user will be redirected after successful authentication. This URL overrides default behavior and is not normally necessary. |
| Token Issue | Name of the entity which issued the token |
| Token Life | Duration of the token session expressed in minutes. |