Mobile Security String Index

From Swivel Knowledgebase
Jump to: navigation, search


Overview

The Swivel mobile phone apps allow security strings and One Time Codes on the phone to be used for authentication. More recent versions of the apps, using Allow String Browsing allows the user to browse and select a security string or One Time Code for authentication, so it is possible to tell the user which security string to use for authentication.


For multiple security strings in transports such as SMS or email, see Multiple Security Strings How To Guide


Prerequisites

Swivel 3.8 or later

Mobile Phone App enabled user

The Swivel server needs to be able to accept the request for the String Index, either through a Proxy or a NAT connection.


Requesting the Security String Index

The security string Index is requested from the Swivel server using the following:

http://IP_Address:8080/pinsafe/TokenIndexImage?username=<username>

where username is the username for authentication


Testing

In a web browser make a request against the Swivel server with:

http://IP_Address:8080/pinsafe/TokenIndexImage?username=test

This should generate a log in the Swivel server as follows:

Token index image request for user test


Known Issues

Currently this command is not supported in the Swivel appliance proxy

Due to limitations within the RADIUS protocol, the Mobile Security String Index only works with PAP authentication and not CHAP or MSCHAP.


Troubleshooting

Check the Swivel logs for requests.