UPDATE! The community will be go into read-only on April 19, 8am Pacific in preparation for migration on April 21. Read more.
UPDATE! The community will be go into read-only on April 19, 8am Pacific in preparation for migration on April 21.Read more.
Cadet 3rd Class
Cadet 3rd Class
378 views

Authentication method failover?

Jump to solution

Hello,

Is there a way to configure NAM for 2 authentication methods

 - If the first authentication method is successful, the user is allowed to access the application without the alternate method is prompted nor fulfilled.

 - If the first authentication method fails, prompt the alternate method.

I appreciate your help.

Thank you!!

0 Likes
1 Solution

Accepted Solutions
Micro Focus Expert
Micro Focus Expert

You can always use Risk Based Authentication to achieve the same. The success or failure of first authentication will generate a RISK score and based on the score you can decide whether to provide access/deny or an additional authentication.

calculate RISK -> find the Risk Level (Low, High, Medium) -> Take action.

Please check RISK Based Authentication for more details.

RISK can do much more. Please check one highly used case here : https://www.youtube.com/watch?v=uPuz92D9PSY&list=PL8CF91C38AB7DCB74&index=4

View solution in original post

2 Replies
Micro Focus Frequent Contributor
Micro Focus Frequent Contributor

Hello jrochamtz,

You can configure more than one authentication method in Access Manager contract. But all methods in a contract must be satisfied. 

You can solve this use-case by developing custom authentication class.  For more details about how to write custom authentication class please refer Access Manager SDK  https://www.netiq.com/documentation/access-manager-45-developer-documentation/nacm_enu/data/b8q8v9v.html

Regards,
Sangeetha

 

0 Likes
Micro Focus Expert
Micro Focus Expert

You can always use Risk Based Authentication to achieve the same. The success or failure of first authentication will generate a RISK score and based on the score you can decide whether to provide access/deny or an additional authentication.

calculate RISK -> find the Risk Level (Low, High, Medium) -> Take action.

Please check RISK Based Authentication for more details.

RISK can do much more. Please check one highly used case here : https://www.youtube.com/watch?v=uPuz92D9PSY&list=PL8CF91C38AB7DCB74&index=4

View solution in original post

The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.