Authentication policy

Authentication policies are used to define general parameters to control authentication behavior. These include the following parameters:

  • Failed authentication count.
  • Auto unlock.
  • Session token life.

By default, there are two authentication policies in OpenIAM. However, users can easily create a customized one as needed. To create a new authentication policy:

  • Log in to the webconsole.
  • Go to Policy > Authentication Policy.
  • Click Create new authentication policy from the sidebar. You will see the form shown below.

New Authentication policy

Complete the form using the table below for reference.

| Parameter Name | Description |
|---|---|
| Auto unlock time | Time, in minutes, after which a locked account will automatically unlock. |
| BaseDN | |
| Failed Auth count | Number of consecutive authentication failures after which the account is locked. |
| Fail Url | External URL where the user will be redirected after failed authentication attempts. This URL overrides default behavior and is not normally necessary. |
| Host login | |
| Host password | |
| Host URL | |
| Key Attributes | |
| Login Module Sel Policy | |
| Managed sys ID | |
| Protocol | Communication protocol: CLEAR, SSL, or TLS. This is an important parameter because it indicates what will be used at the back end to authenticate. |
| Success URL | External URL where the user will be redirected after successful authentication. This URL overrides default behavior and is not normally necessary. |
| Token Issue | Name of the entity which issued the token. |
| Token Life | Duration of the token session, expressed in minutes. |
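
The following added example (not OpenIAM code) models how Failed Auth count, Auto unlock time, and Token Life interact on a timeline measured in minutes, so the effect of a chosen setting can be checked before it is saved. The class, field, and function names are hypothetical, and it assumes the lock triggers when the counter reaches the threshold, attempts during a lock are rejected without being counted, and the counter resets on auto unlock or success.

```python
import hmac
from dataclasses import dataclass
from typing import Optional


@dataclass
class AuthPolicy:
    # Hypothetical names mirroring the form fields; values are constructed samples.
    failed_auth_count: int = 3      # Failed Auth count
    auto_unlock_minutes: int = 30   # Auto unlock time
    token_life_minutes: int = 15    # Token Life


@dataclass
class Account:
    secret: str                      # stand-in for the real credential check
    failures: int = 0                # consecutive failures so far
    locked_at: Optional[int] = None  # minute at which the lock began


def authenticate(policy: AuthPolicy, acct: Account, supplied: str, now: int) -> Optional[int]:
    """Return the minute at which the issued token expires, or None on rejection."""
    if acct.locked_at is not None:
        if now - acct.locked_at < policy.auto_unlock_minutes:
            return None  # still locked: even the correct secret is rejected
        acct.locked_at, acct.failures = None, 0  # auto unlock (assumed to reset the counter)
    if not hmac.compare_digest(supplied.encode(), acct.secret.encode()):
        acct.failures += 1
        if acct.failures >= policy.failed_auth_count:
            acct.locked_at = now  # threshold reached: lock the account
        return None
    acct.failures = 0  # a success ends the run of consecutive failures
    return now + policy.token_life_minutes


def token_valid(expiry: Optional[int], now: int) -> bool:
    """A token is usable strictly before its expiry minute."""
    return expiry is not None and now < expiry


if __name__ == "__main__":
    policy, acct = AuthPolicy(), Account(secret="constructed-sample")
    for minute, guess in [(0, "a"), (1, "b"), (2, "c"), (10, "constructed-sample"),
                          (32, "constructed-sample")]:
        print(minute, authenticate(policy, acct, guess, minute), acct.locked_at)
```
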