Difference between revisions of "Mobile Security String Index"
m (1 revision imported) |
|
(No difference)
|
Latest revision as of 12:52, 11 May 2017
Contents
Overview
The Swivel mobile phone apps allow security strings and One Time Codes on the phone to be used for authentication. More recent versions of the apps, using Allow String Browsing allows the user to browse and select a security string or One Time Code for authentication, so it is possible to tell the user which security string to use for authentication.
For multiple security strings in transports such as SMS or email, see Multiple Security Strings How To Guide
Prerequisites
Swivel 3.8 or later
Mobile Phone App enabled user
The Swivel server needs to be able to accept the request for the String Index, either through a Proxy or a NAT connection.
Requesting the Security String Index
The security string Index is requested from the Swivel server using the following:
http://IP_Address:8080/pinsafe/TokenIndexImage?username=<username>
where username is the username for authentication
Testing
In a web browser make a request against the Swivel server with:
http://IP_Address:8080/pinsafe/TokenIndexImage?username=test
This should generate a log in the Swivel server as follows:
Token index image request for user test
Known Issues
Currently this command is not supported in the Swivel appliance proxy
Due to limitations within the RADIUS protocol, the Mobile Security String Index only works with PAP authentication and not CHAP or MSCHAP.
Troubleshooting
Check the Swivel logs for requests.