![]() The expiry time is set to the smaller time period present in all applicable policies. The user is assigned the stricter credential expiration policy, in the order Expire > Never Expire. The maximum credentials allowed is set to the larger of the numbers present in all applicable policies. The user is allowed access to only the credential types enabled in all applicable policies. If a user belongs to more than one group with different Credential policies, the user is assigned the stricter policy using the following rules: The Credentials policy defined at the group level always overwrites the account policy. Settings at the user group level overwrite the account policy settings for members of that user group. You can also customize the Credentials policy at the user group level. To set the Credentials policy for your VIP account:Ĭlick the Edit link to configure the Credentials policy settings. ![]() Note: You must also select the credential type or types that you want to allow for this policy in the Enable other credential types policy on this tab, and in the Enable temporary security codes policy on the Policy > Components tab. When the user attempts to log in without a credential, VIP obtains the configured out-of-band authentication methods from your identity store and automatically registers them as credentials for authentication. ![]() Whether VIP can automatically register a credential for a user using information from your identity store during the authentication flow. If you enable this option, VIP will not send SMS messages and voice calls to numbers outside the United States. Set whether VIP sends SMS messages and voice calls to non-US numbers. For more information, see Setting Credentials to Expire, later in this topic.Ĭhoose whether a credential can be registered to more than one end user within your organization at any one time. Set credentials to expire if users do not use them to successfully authenticate themselves after a specified amount of time. Select how many credentials an end user can have registered at any one time. Your selection does not affect previously-registered VIP credentials that may already be enabled.Įnable other credential types for your end users, including SMS text messages, Voice Calls, and Email messages. If you decide not to enable all VIP credentials by selecting No, you need to de-select the specific hardware and/or software credentials that you want disabled. These credentials include the VIP Security Card, VIP Security Token, and the VIP Access app. This policy allows you to:Įnable hardware and software VIP credentials that your end users can register within the VIP Self Service Portal. You can view and configure the policy for Credentials for your VIP account.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |