• Votes

    3

    Disable modification of automatically enrolled Authenticators in the ...

    Some Authenticators are automatically created by Advanced Authentication, e.g. LDAP password. If you click on the Authenticator in the Self-Service portal, the Edit page ...

  • Votes

    3

    Want a way to get a report on linked credentials

    So want to know is there a way to get a report on linked credentials 2018-10-04T14:18:38.864705 (UTC+0000)+00:00 aafapp CEF:0|AAA|Core|5.0|101|User was successfully ...

  • Votes

    13

    Windows Client Login offline Master token

    When we install the Windows Client on a device, we can enable the Offline login to permit the user to access their computer when they do not have access to internet. ...

  • Planned

    8

    Extend Radius server by PEAP support

    Currently Radius server supports only PAP while new (esp. mobile) devices use PEAP. It's the reason customers may not use AA for Radius & mobile device combination and ...

  • Votes

    2

    Add Gemalto Safenet Seedfile format

    We have a customer wanting to replace a 350 user Gemalto Token Solution for Citrix Netscaler Login. They would like to keep on using the token hardware but Gemalto has a ...

  • Planned

    11

    Allow more than one smartphone\PKI card for user

    We want to be able to use more than one smartphone\PKI card authenticators. For example, user has more than one smartphone and he want to be able to authenticate using ...

  • Planned

    3

    Reduce privileges for device service on Windows

    Hello, When device service is installed on Windows, it installs a windows service that runs with local\system account permissions. We want to be able to run it using a ...

  • Votes

    5

    Brute force / BOT Attack and Data leakage Prevention

    A change in authentication flow can help prevent brute force bot attacks: 1. Information leakage - valid usernames & passwords discovery 2. User lockout due to bad ...

  • Votes

    3

    Native U2F Support beyond chrome browser

    Since chrome support for FIDO U2F was added some time ago but now other browsers like Firefox support it as well. While it does work if enabled manually on older firefox ...

  • Votes

    2

    Remember the last chain used to authenticate to the workstation

    Current situation: When a user attempts to authenticate to a Windows workstation, the chains are displayed in the order that they were added in to the event in. Desired ...

  • Votes

    11

    Certificate filter - Hide expired certificates

    Please hide expired certificates in the "certificate list" during the PKI enrollment

  • Votes

    1

    only allow smartphone to access from the internet

    Some, especially small companies, do not have a SPI-firewall or reverseproxy-server. Nobody should get access to the AA server from the internet, except...Smartphones. ...

  • Votes

    7

    Kerberos Authentication for internal AD users

    It would be great, if we could allow internal AD members Kerberos integrated authentication.

  • Votes

    4

    view only admin category

    In the Admin UI there's currently no way to configure a "view only" account. Therefore a new role should be introduced so that a user can login on the Admin UI to reflect ...

  • Votes

    5

    Set CEF log forward policy per site

    We want to forward the CEF logs to our enterprise logging solution that has data collectors all over the globe. It would be desirable to set the Syslog destination on a ...

  • Votes

    2

    Multiple NAS Identifiers in a single RADIUS event

    Request: We would like to assign multiple NAS Identifiers to a single RADIUS event. Use case: We have F5 BIG IP load balancer to balance RADIUS traffic to our web ...

  • Votes

    5

    Extend REST-API - Assign User to existing OTP Token or Bulk import

    Please add these two functions in the Rest-API 1) Assign Users to an Existing OTP Token which is imported 2) Import for OTP tokens with Serialnumber & set a flag to make ...

  • Votes

    9

    Ability to deactivate self enrollment for specific methods

    In some cases it is desirable if a admin can configure that it is not possible for an user to (over)write specific methods in the self enrollment. For more flexibillity ...

  • Votes

    4

    Ability to select a 'local' export when importing a database

    Current situation: When importing a database, you must define a http or ftp location of the backup. Desirable situation: When importing a database, I should be able to ...

  • Planned

    6

    search field for locked user for the helpdesk portal / ability to ...

    It would be a good to add these two features. 1) Add search field to search for users in the locked users-list 2) If a user will be opened in the help desk (where you can ...