• Cloud Authentication Service Help - Table of Contents

        RSA SecurID Access Product OverviewRSA SecurID Access Overview Cloud Authentication Service Overview RSA SecurID Access Editions High-Level Authentication Flows for Relying Parties High-Level Authen...
    RSA Information Design and Development
    last modified by RSA Product Team
  • Configure Advanced Settings for a SAML Connection

      Advanced configuration settings for a connection between a SAML-enabled web application and RSA SecurID Access are optional. Complete these settings only if you are adding a connection to a SAML applicatio...
    RSA Information Design and Development
    last modified by Joyce Cohen
  • Update an Identity Router During Initial Deployment

         When you deploy a new identity router, you must update the identity router software using the Cloud Administration Console, even if you installed the latest version of the identity router template...
  • Change Your Account Name and Password in the Cloud Administration Console

      The first time you sign into the Cloud Administration Console, RSA recommends that you change your password. After the first sign-in, you must change your password at least every 90 days. Your account is lock...
  • Add a SAML Version 2 SSO Agent Identity Provider

       Using an external SAML Version 2 SSO Agent identity provider (IdP), the identity router can automatically authenticate users who access protected applications while they are authenticated to the SAML IdP...
  • Enable RADIUS on Identity Routers in a Cluster

       As part of the RADIUS setup process, you must enable RADIUS on the identity routers in each cluster that communicates with RADIUS client devices.   Before you begin You must be a Super Admin...
  • User Application Portal

       In an SSO Agent deployment, you can configure a user application portal to help users find and access protected applications. The portal provides links to available applications and helps handle user au...
  • Install the RADIUS Custom Web Client Interface

       RSA provides a customized web client interface for clientless SSL VPN authentication on some types of RADIUS client devices. The custom web client improves the authentication experience for users who aut...
  • Cloud Administration Update SMS and Voice Phone API

    The Cloud Administration Update SMS and Voice Phone API enables Help Desk administrators to update a user's SMS Tokencode or Voice Tokencode phone number when it has changed. The API also can add an SMS Tokencode...
  • Identity Router

      An identity router is a virtual appliance that enforces authentication and access for users of protected resources. An identity router consists of the following services.       ...
  • Cloud Administration Unlock User Tokencodes API

    The Cloud Administration Unlock User Tokencodes API enables Help Desk administrators to unlock a user's Authenticate Tokencode, SMS Tokencode, and Voice Tokencode. Note:  The client requests the Cloud Administra...
  • Cloud Administration Synchronize User API

    Use the Cloud Administration Synchronize User API to synchronize the details of a single user between an identity source and the Cloud Authentication Service. Authentication Clients calling this API to synchronize a...
  • Load Balancer Requirements

       In an SSO Agent deployment, you can configure a load balancer to direct network traffic evenly among multiple identity routers in a cluster, and to enable other high-availability features such as keychai...
  • Cloud Authentication Service User Requirements

       The Cloud Authentication Service can prompt users for authentication through RADIUS clients, a browser to access web applications, or the RSA SecurID Authenticate app. Your users must meet the following ...
  • Cloud Administration Mark User Deleted API

    The Cloud Administration Mark User Deleted API can do the following: Mark an inactive user as pending for future deletion. The marked user will be deleted from the Cloud Authentication Service when automatic bulk ...
  • List of Trusted Certificate Authorities for HFED and Trusted Headers Applications

    The identity routers automatically trust the certificate authorities (CAs) in the following list. For more information on trusted CAs, see Cloud Authentication Service Certificates. AAA Certificate Services - Como...
  • Manage My Applications

      My Applications in the Cloud Administration Console is a list of applications in the application portal that are available for authenticated users to access using single sign-on (SSO) in an SSO Agent deployme...
  • Add an Application Using HTTP Federation Proxy

      The HTTP Federation (HFED) Proxy method enables you to configure a connection to a web application that does not support Security Assertion Markup Language (SAML) and that uses a sign-in form to authenticate u...
  • Update Identity Router Software for a Cluster

       You manage updates separately for each cluster in your deployment. You can update each cluster immediately, or schedule automatic updates to occur at dates and times that you specify. You can schedule a...
  • Manage Authentication Sources

    Use the Authentication Sources page to view the list of authentication sources in your deployment and to perform related tasks. Authentication sources are configured using the Cloud Administration Console. You must be...