Windows Credential Provider with RBA

From Swivel Knowledgebase
Jump to: navigation, search


Introduction

From AuthControl Sentry v4.0.5, you can use your RBA rules with AuthControl Credential Provider to disable 2fa in case the user has enough points.

Prerequisites

AuthControl Credential Provider v5.4.2

AuthControl Sentry v4.0.5

Limitations

Certificate rule does not work with WCP

RBA Configuration

In AuthControl Sentry SSO administration page you have a new application type WCP. Add a new application.

Wcprba1.PNG

Wcprba2.PNG

Select WCP.

Wcprba3.PNG

Enter a name, the required points for authentication without 2fa, the entity ID must be wcp and click Save.

If you haven't configure any rules, please look at Authcontrol v4 Sentry SSO and Adaptive Authentication.

WCP Configuration

Open AuthControl Credential Provider Configuration

CredentialProvider2ConfigurationNew.png

enter the Swivel SSO Port as 8443 and Swivel SSO Context as sentry. This will enable the check for RBA rules in WCP.

Authenticating

When you try to login now it will check for the rules. If the user has enough points, it will allow authentication without using 2fa.

RBA with fingerprint

If you have Biometric Identification active, you can use this to give more points to RBA and disable 2fa.

Retrieved from "https://kb.swivelsecure.com/w/index.php?title=Windows_Credential_Provider_with_RBA&oldid=4724"