On Demand Authentication

From Swivel Knowledgebase
Jump to: navigation, search


Overview

On-demand authentication

This is configured under Server > Dual Channel.

Options Yes/No, Default No

Normally a dual channel message is delivered to the user following an authentication, so that they will always have a security string available to them to login. Enabling on-demand authentication disables this behaviour, requiring an explicit request for a message to be sent. The message sent this mode must be used within the session timeout (default 120 seconds see Session Cleanup) to authenticate. On demand authentication will only send one security string at a time.

Methods of making an On Demand Security String request are:

Button in a login page (see below)

As a Taskbar, see Taskbar How to Guide

RADIUS Challenge and Response, see Challenge and Response How to Guide

See Also On Demand Delivery

On Demand Authentication Dual Channel Message Request

Virtual or hardware appliance

https://pinsafe_server_ip:8443/proxy/DCMessage?username=username

Software Only Install

http://pinsafe_server_ip:8080/pinsafe/DCMessage?username=username

Where username is the name of the user to whom the dual channel message should be sent


Troubleshooting

SMS Timeout

Resolving Security String Issues

Only one security string is sent. On demand authentication will only send one security string.

Retrieved from "https://kb.swivelsecure.com/w/index.php?title=On_Demand_Authentication&oldid=2571"