• Planned

    14

    Periodically export database backup to network location

    Right now you can manually export the database backup and then download it to your local machine. In the future, it is desirable that the database would automatically ...

  • Planned

    4

    Configurable RADIUS auto-enrollment behavior

    Current status: When the RADIUS method is configured with a Radius client, a user is auto-enrolled in the RADIUS method no matter if they have an account in the ...

  • Votes

    5

    Allow IP address in multiple RADIUS events

    We are leveraging the NAS Identifier in that each of our RADIUS configurations have an Event for each chain. This enables us to provide our users a clever way to select ...

  • Votes

    8

    Use SSL for AD repository DNS discovery

    When using DNS discovery for AD repositories, there should be an option to add them as SSL-enabled on port 636. Today when using DNS discovery for AD repositories, they ...

  • Votes

    4

    Configure appliance proxy settings through Configuration portal

    It would be convenient to be able to set the proxy settings in the Configuration portal of the appliance versus having to do it through yast.

  • Votes

    4

    Search for tokens

    In an environment where there are a bunch of tokens, the pagination makes it tough to find a specific token. You need to search each page and you can easily need to ...

  • Votes

    4

    Ability to select a 'local' export when importing a database

    Current situation: When importing a database, you must define a http or ftp location of the backup. Desirable situation: When importing a database, I should be able to ...

  • Votes

    2

    Multiple NAS Identifiers in a single RADIUS event

    Request: We would like to assign multiple NAS Identifiers to a single RADIUS event. Use case: We have F5 BIG IP load balancer to balance RADIUS traffic to our web ...

  • Votes

    5

    Set CEF log forward policy per site

    We want to forward the CEF logs to our enterprise logging solution that has data collectors all over the globe. It would be desirable to set the Syslog destination on a ...

  • Planned

    4

    Increase max email OTP TTL

    Current situation: The max email OTP TTL is set at 360 seconds. Desired situation: We have the need for the email OTP TTL to be set at a higher value. Please allow the ...

  • Votes

    5

    Separate out application logs into it's own tab/file

    Current situation: Application logs (in CEF) are written to Syslog. Syslog also has OS-related information written to it. It is sometimes difficult to find certain ...

  • Votes

    2

    Remember the last chain used to authenticate to the workstation

    Current situation: When a user attempts to authenticate to a Windows workstation, the chains are displayed in the order that they were added in to the event in. Desired ...

  • Votes

    4

    Allow the servers used by a repository to be configured on one site ...

    Current situation: The configuration for a repository is replicated to each site except for the servers. It requires the administrator set the servers on each site and ...

  • Planned

    6

    Hide offline OTP option if offline OTP is disabled in Smartphone ...

    Current situation: When offline OTP is disabled for the Smartphone method, the user is still presented the ability to authenticate with the offline OTP at the AAF web ...

  • Votes

    3

    Share secret questions between accounts

    Like PIN, HOTP, U2F, and others, we would like to be able to share secret questions from one account to another.

  • Votes

    3

    Share smartphone method between accounts

    Like PIN, HOTP, U2F, and others, we would like to be able to share the smartphone method from one account to another.

  • Votes

    6

    Syslog messages for failed attempts to AdminUI and Helpdesk events due ...

    Current situation: Today, when a user attempts to login to the AdminUI and authenticates successfully but does not have the proper authorization (i.e. does not have the ...

  • Votes

    6

    Provide Advanced Authentication as .ova in addition to .iso

    The Advanced Authentication appliance is only available as an .iso. In addition to .iso, we would like to have Advanced Authentication provided as an .ova in addition to ...

  • Votes

    3

    More descriptive confirmation message when deleting OTP token

    Current situation: When hitting delete on an OTP token, the confirmation dialog "Do you want to continue?" shows. From there you hit either OK or CANCEL. Desired ...

  • Votes

    3

    Different languages per email OTP template

    Today we can have customized method settings per event for email one time password. We would like to see this further extended so that within the customized method ...