• Votes

    3

    Device Fingerprint

    Hi, At the moment, we could define 2 Chains whereby Chain1 is LDAP Password+Smartphone and Chain2 is LDAP Password for example. Chain 1 is used for the 1st time and ...

  • Votes

    3

    Configurable grace period before a user is deleted from AA due to not ...

    Repositories will do a periodic sync. A user is deleted from an AA repository if they are not returned in the result set of a repository sync. Deleting a user from AA is ...

  • Votes

    3

    Want a way to get a report on linked credentials

    So want to know is there a way to get a report on linked credentials 2018-10-04T14:18:38.864705 (UTC+0000)+00:00 aafapp CEF:0|AAA|Core|5.0|101|User was successfully ...

  • Votes

    3

    Add simpleSAML to Appliance for testing and POC

    Would like ability to have simpleSAML on appliance. Mainly quick and simple to setup and test. As a reference the following I found in the Internet just do not like the ...

  • Votes

    3

    TOTP Enrollment with serial via public api

    We would like to enroll hardware TOTP tokens via public API with unprivileged session, in combination with token serial plus first OTP. Request example: ...

  • Votes

    3

    CEF Log Forward Policy Increase the Number of Servers

    Today we have the Option to set only one Server. But if we can increase the number of servers, we have the option to spread the logfiles. This would a better solution ...

  • Votes

    3

    Native U2F Support beyond chrome browser

    Since chrome support for FIDO U2F was added some time ago but now other browsers like Firefox support it as well. While it does work if enabled manually on older firefox ...

  • Planned

    3

    Reduce privileges for device service on Windows

    Hello, When device service is installed on Windows, it installs a windows service that runs with local\system account permissions. We want to be able to run it using a ...

  • Votes

    3

    Disable modification of automatically enrolled Authenticators in the ...

    Some Authenticators are automatically created by Advanced Authentication, e.g. LDAP password. If you click on the Authenticator in the Self-Service portal, the Edit page ...

  • Planned

    3

    A way to delete OATH seed-files more than one per selection.

    A way to delete OATH seed-files more than one per selection. If we would get a checkbox for the selection of the file to be deleted. To delete several Seed-files at once.

  • Votes

    3

    automatic re-enrollment

    When a user has installed the AA Smartphone app, if they reset their phone, when they re-install and re-enroll it will be a separate enrollment; the original enrollment ...

  • Votes

    3

    Ability to specify the shortname deliminator and placement

    For a RADIUS Server event, you can specify multiple chains which is very helpful in allowing the user to choose the best method to which they have enrolled - similar to ...

  • Votes

    3

    Configure endpoint whitlist based on ad group

    We would like the ability to configure endpoints whitlist based on ad/eDirectory group, not by specifying the endpoints directly.

  • Votes

    3

    configurable methods or adding custom methods with different ...

    We want through the methods settings yesterday and when looking into the fingerprint options there was a threshold value to be adjusted. Some other adjustments in other ...

  • Votes

    3

    Only Allow Simple Chain On Same Workstation Where High Security Chain ...

    Add a feature that stops user based simple chain use. Normally if a use authenticates using a high security chain they are able to then use the simple chain on any ...

  • Votes

    3

    Disallow modifications to the Email OTP authenticator method from end ...

    There is no ability to disable modifications made to the Email OTP Authenticator via the end user portal. The end user is now able to edit the default email address for ...

  • Votes

    3

    Disallow modifications to the SMS OTP authenticator method from end ...

    There is no ability to disable modifications made to the SMS OTP Authenticator via the end user portal. The end user is now able to edit the default cell phone number ...

  • Votes

    3

    Linux Simple Chain After Successful Auth With High Security Chain

    Add the feature for Linux systems to be able to behave like the Windows Client allowing for a simple chain to be used after a high security chain has been authenticated ...

  • Votes

    3

    Voice Call method phone number self enroll / register

    The newer Voice OTP has a feature that allows the user to add his/her phone number during enrollment whereas the Voice Call (requires PIN) method requires this to come ...

  • Votes

    2

    REPOSITORY - Other - AD

    Customer has NETBIOS disabled. Cannot create AD Repo, we used "Other" and have to change each attribute to match AD. Possibly create Other - AD that has all the correct ...