-
Votes
2
Once a user has enrolled methods provide option to turn off LDAP ...
On a customer POC and they have Bluetooth and PIN as well as Proxcard and PIN enrolled however they still see LDAP Password as a method when logging into Desktop. They ...
Comments (2) | by: Kevin P. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
12
MFA Smartphone native NetIQ App avoid additonal info after QR code ...
- Customer uses AAF Version: 5.6 and Access Manager 4.4. - Using the current version, an additonal info entry is offered after the scan of the QR code for an ...
Comments (3) | by: Karl P. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Planned
14
Periodically export database backup to network location
Right now you can manually export the database backup and then download it to your local machine. In the future, it is desirable that the database would automatically ...
Comments (1) | by: Tim S. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
8
Customize RADIUS Reply-Messages per method in a chain
Applications that correctly implement RADIUS will show the Reply-Message value sent from the AAF server when authenticating with a chain. Right now, the Reply-Message ...
Comments (2) | by: Tim S. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
5
Allow IP address in multiple RADIUS events
We are leveraging the NAS Identifier in that each of our RADIUS configurations have an Event for each chain. This enables us to provide our users a clever way to select ...
Comments (1) | by: Tim S. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Planned
4
Configurable RADIUS auto-enrollment behavior
Current status: When the RADIUS method is configured with a Radius client, a user is auto-enrolled in the RADIUS method no matter if they have an account in the ...
Comments (3) | by: Tim S. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
4
Search for tokens
In an environment where there are a bunch of tokens, the pagination makes it tough to find a specific token. You need to search each page and you can easily need to ...
Comments (1) | by: Tim S. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
4
Configure appliance proxy settings through Configuration portal
It would be convenient to be able to set the proxy settings in the Configuration portal of the appliance versus having to do it through yast.
Comments (2) | by: Tim S. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
8
Use SSL for AD repository DNS discovery
When using DNS discovery for AD repositories, there should be an option to add them as SSL-enabled on port 636. Today when using DNS discovery for AD repositories, they ...
Comments (1) | by: Tim S. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
3
Configure endpoint whitlist based on ad group
We would like the ability to configure endpoints whitlist based on ad/eDirectory group, not by specifying the endpoints directly.
Comments (2) | by: Yarden B. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Planned
5
Add more than one bluetooth authenticator device
Customer ask for ability to configure more than one bluetooth device as an authenticator. For example, to use either smart watch or smartphone.
Comments (0) | by: Yarden B. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Planned
6
Forward other logs besides Syslog
We would like to be able to forward more than just the 'Syslog' log to a syslog server. We find the other logs having valuable information and being able to forward all ...
Comments (4) | by: Tim S. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
5
pin expiry reminder
Could you add a reminder on login if a PIN is about to expire soon? Ideally I can configure how many days before expiry the reminder comes up.
Comments (1) | by: Hauke B. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
8
1:n matching for Fingerprint
Requested by: several customers Currently 1:n matching is supported for the card and PKI methods. Our customers also want this for fingerprint authentication as well.
Comments (6) | by: Hauke B. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
6
Provide a country code dropdown when enrolling in SMS OTP
The user should be provided a dropdown box with a list of country codes that they must select before they can save their phone number for the SMS OTP. This forces their ...
Comments (3) | by: Tim S. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
5
Define authentication levels for each individual chain
We have an enterprise access management/SSO application (ForgeRock OpenAM) used to protect web applications. We are looking to integrate Advanced Authentication with it ...
Comments (1) | by: Tim S. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
6
Add date/time parameter for Email OTP method
We want to have the ability to configure date/time parameter. Currently we're limited in what we can configure in the email template. By sending date/time, users can for ...
Comments (1) | by: I e. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
3
Option to use repositories instead of groups
Everywhere we can limit something by group, it would be nice to be able to limit by repository as well. We have a repository that contains only user objects. We can ...
Comments (4) | by: Tim S. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
7
Configurable Offline OTP Cache Size
We have laptops setup to use 2 factor authentication on logon. Windows natively handles the caching of AD credentials properly (and can be configured via group policy). ...
Comments (6) | by: Mike R. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
2
Apply Advanced authentication by IP or wireless network (Windows ...
Hi Our client asks if the second factor can be applied only to users who are out of the office. They have the NAAF client installed on their Surface equipment and they ...
Comments (2) | by: Jonathan A. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration