• Votes

    5

    Using the Smartphone app push notification to Accept/Decline ...

    During enrollment, we don't have a notification of the enrollment process that is acknowledged by the user being enrolled. So far the methods we have assume that the ...

  • Votes

    5

    Support for Configuring SMS Sender Policy Using a JSON Body or CURL ...

    Currently when configuring the SMS Sender policy we only support submitting parameters in the http request URL. I was working with a customer that uses Avaya as their ...

  • Votes

    5

    Define authentication levels for each individual chain

    We have an enterprise access management/SSO application (ForgeRock OpenAM) used to protect web applications. We are looking to integrate Advanced Authentication with it ...

  • Votes

    5

    AA should have a well-thought out configuration option for explicitly ...

    AA should have a well-thought out configuration option for explicitly designated AA Webserver role servers to turn off access to all portals ...

  • Votes

    5

    Ability to authenticate trough RADIUS if LDAP Passwor dis expired

    Please provide an option to allow authentication trough RADIUS if LDAP Password is expired. Today: It is not possible to authenticate trough the radius event with a ...

  • Planned

    5

    Add more than one bluetooth authenticator device

    Customer ask for ability to configure more than one bluetooth device as an authenticator. For example, to use either smart watch or smartphone.

  • Planned

    5

    Modify Client Login Extension

    We would like to request the client login extension link be shown before chain selection in the Windows agent. Currently it only shows up if the user selects the LDAP ...

  • Votes

    5

    Rolling over RADIUS authentication

    getting a possibility to check PIN + OTP on AA and once this is not accepting / valid fowarding the PIN and OTP to a 3rd party AAA server -> using then the Radius Client ...

  • Votes

    5

    Different set of security questions for different groups of users

    Currently when defining security questions, we define a set of questions applicable for the entire AA instance. It is desirable to have different sets of security ...

  • Votes

    5

    Separate out application logs into it's own tab/file

    Current situation: Application logs (in CEF) are written to Syslog. Syslog also has OS-related information written to it. It is sometimes difficult to find certain ...

  • Votes

    5

    Allow IP address in multiple RADIUS events

    We are leveraging the NAS Identifier in that each of our RADIUS configurations have an Event for each chain. This enables us to provide our users a clever way to select ...

  • Votes

    5

    Set CEF log forward policy per site

    We want to forward the CEF logs to our enterprise logging solution that has data collectors all over the globe. It would be desirable to set the Syslog destination on a ...

  • Votes

    5

    Ability to rename Interface field names (Especially the Interfaces ...

    I have a customer that rolled out AAF for enterprise users with SMS and TOTP as their authentication mechanisms. On roll out they noticed that helpdesk started receiving ...

  • Votes

    5

    pin expiry reminder

    Could you add a reminder on login if a PIN is about to expire soon? Ideally I can configure how many days before expiry the reminder comes up.

  • Votes

    4

    The exported report to include combined metrics from sites

    Currently reports generated only for site, where it was initiated. It will be nice to have an option to select is specific report should be generated by site or cluster.

  • Votes

    4

    Change or delete a single secret question

    We would like the ability to delete or change the answer to a single secret question. As it seems now, when a user wants to change the value for a secret question or have ...

  • Votes

    4

    SMS OTP and Mail OTP: Force number/mail validation during Save

    We would like to be able to force user to verify his email address / mobile number when they are adding/modofying manually an SMS OTP / Mail OTP method from ...

  • Votes

    4

    OTP Message should include a variable with the timestamp of the OTP

    On version 5.6U1 the SMS OTP method allows for specific variables to be added as part of the message to be sent to the user. At the moment, only 4 variables are available ...

  • Votes

    4

    Don't include Smartphone enrollments as part of backed up app data for ...

    This behavior was observed when a user migrated from an older iPhone to a new iPhone but may also apply to Android devices. Current situation: The Smartphone enrollments ...

  • Planned

    4

    Configurable RADIUS auto-enrollment behavior

    Current status: When the RADIUS method is configured with a Radius client, a user is auto-enrolled in the RADIUS method no matter if they have an account in the ...