Authentication policy

Authentication policies are used to define general parameters to control authentication behavior. These include the following parameters:

  • Failed authentication count
  • Auto unlock
  • Session token life

By default, there are two authentication policies in OpenIAM. However, users can easily create a customized one as needed. To create a new authentication policy:

  • Log in to the Webconsole
  • Go to Policy -> Authentication Policy
  • Click Create new authentication policy from the side bar. You will see the form shown below

New Authentication policy

Complete the form using the table below for reference.

| Parameter Name | Description |
|---|---|
| Auto unlock time | Time in minutes after which a locked account will automatically unlock. |
| BaseDN | |
| Failed Auth count | Number of consecutive authentication failures after which the account is locked. |
| Fail Url | External URL where the user will be redirected after failed authentication attempts. This URL overrides default behavior and is not normally necessary. |
| Host login | |
| Host password | |
| Host URL | |
| Key Attributes | |
| Login Module Sel Policy | |
| Managed sys ID | |
| Protocol | Communication protocol: CLEAR, SSL, TLS. It is an important parameter because it shows what is going to be used at the back end to authenticate. |
| Success URL | External URL where the user will be redirected after successful authentication. This URL overrides default behavior and is not normally necessary. |
| Token Issue | Name of the entity which issued the token. |
| Token Life | Duration of the token session, expressed in minutes. |
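
The sketch below is an added example, not OpenIAM code: it models how Failed Auth count, Auto unlock time and Token Life interact, so the effect of a chosen set of values can be checked before it is entered in the form. The class and function names, the sample values, and the assumption that attempts made while an account is locked do not extend the lock are all hypothetical.

```python
import hmac
from dataclasses import dataclass
from typing import Optional, Tuple

@dataclass
class AuthPolicy:
    # Fields mirror the table above; the default values are constructed samples.
    failed_auth_count: int = 3   # consecutive failures that lock the account
    auto_unlock_time: int = 30   # minutes until a locked account unlocks
    token_life: int = 20         # minutes a session token stays valid

@dataclass
class Account:
    password: str                       # a real system stores a password hash
    failures: int = 0                   # consecutive failures so far
    locked_at: Optional[int] = None     # minute at which the lock was applied

def authenticate(policy: AuthPolicy, acct: Account, password: str,
                 now: int) -> Tuple[str, Optional[int]]:
    """Return (status, token expiry minute); `now` is a clock in minutes."""
    if acct.locked_at is not None:
        if now - acct.locked_at < policy.auto_unlock_time:
            return "LOCKED", None       # even the correct password is refused
        acct.locked_at, acct.failures = None, 0   # auto unlock has elapsed
    if not hmac.compare_digest(password.encode(), acct.password.encode()):
        acct.failures += 1
        if acct.failures >= policy.failed_auth_count:
            acct.locked_at = now        # assumed: lock starts at the last failure
            return "LOCKED", None
        return "FAILED", None
    acct.failures = 0                   # a success resets the consecutive count
    return "OK", now + policy.token_life

def token_valid(expiry: Optional[int], now: int) -> bool:
    """A session token is valid until Token Life minutes after it was issued."""
    return expiry is not None and now < expiry

def run_demo():
    """Replay a constructed sequence of (minute, password) attempts."""
    policy, acct = AuthPolicy(), Account(password="correct-horse")
    attempts = [(0, "bad"), (1, "correct-horse"), (2, "bad"), (3, "bad"),
                (4, "bad"), (10, "correct-horse"), (34, "correct-horse")]
    return [authenticate(policy, acct, pw, t) for t, pw in attempts]

if __name__ == "__main__":
    for result in run_demo():
        print(result)
```

The replay shows that one failure followed by a success does not count toward the lock, and that a locked account refuses the correct password until the unlock time has elapsed.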