Manage Connection Settings for the Cloud Authentication Service

Document created by RSA Information Design and Development on Jun 24, 2019
Version 1Show Document
  • View in full screen mode

You can connect RSA Authentication Manager to the Cloud Authentication Service to enable Approve authentication for your users when they access agent-protected resources. The easiest way to configure the connection is by clicking Configure the connection on the Security Console Home page and entering the details step-by-step as described in Connect RSA Authentication Manager to the Cloud Authentication Service. If you already did this, use this procedure to edit the connection settings as needed.

Before you begin 

  • A new Registration Code and Registration URL is required if you need to re-register Authentication Manager with the Cloud Authentication Service. You must re-register only if one of the following issues occur:

    • The access policy that was used for the original connection has been replaced with a different access policy. The access policy is configured and selected in the Cloud Administration Console.
    • The access policy name that was used for the original connection has changed.
    • The RSA Authentication Manager API Key used for the original connection has been deleted from the Authentication API Keys page or the Administration API Key page in the Cloud Administration Console. This disconnects Authentication Manager from the Cloud Authentication Service.

    You do not need to re-register if you configure or update the connection to a proxy server.

    If you need to obtain the Registration Code and Registration URL, see Connect Your Cloud Authentication Service Deployment to RSA Authentication Manager.

  • Your administrative role must permit you to manage Cloud Authentication Service users in the Authentication Manager User Dashboard. You must have selected Manage Cloud Authentication Service Users on the General Permissions tab. For more information, see Edit Permissions for an Administrative Role.

Procedure 

  1. In the Security Console, click Setup > System Settings.

  2. Click Cloud Authentication Service Configuration.

  3. If you need to connect Authentication Manager to the Cloud Authentication Service, do the following:

    1. Under Register Authentication Manager with the Cloud Authentication Service, copy and paste the Registration Code and the Registration URL from the Cloud Administration Console, or obtain this information from a Cloud Authentication Service Super Admin and manually enter it.

      For more information, see Connect Your Cloud Authentication Service Deployment to RSA Authentication Manager.

    2. Click Connect to the Cloud Authentication Service.

      A message indicates that the connection is established. The Cloud Authentication Service details are automatically updated and saved.

  4. To enable users to authenticate with multifactor authentication, under Cloud Authentication Service Configuration, click Enable Cloud Authentication.

    The following information is displayed:

    • The My Page URL and the Help Desk Administrator REST URL.

      Invited users will be able to log on to cloud-based RSA SecurID Access My Page self-service console to register their devices. Users complete device registration so that they can use the RSA SecurID Authenticate app to authenticate to protected applications.

      The Help Desk Administration REST URL is used for help desk operations, such as updating users and removing registered devices.

    • The Multifactor Authentication REST URL.
    • The Access Policy Name of the access policy that is used for multifactor authentication in the Cloud Authentication Service.
  5. If Authentication Manager is behind an external firewall, you can configure a connection to a proxy server before connecting to the Cloud Authentication Service. Do the following:

    1. Under Cloud Authentication Service Proxy Configuration, click Enable Proxy Configuration.
    2. In the Proxy Host field, enter the hostname or IP address of the proxy server. If you have an HTTP proxy server, enter the hostname. For example, www.example.com.
    3. In the Proxy Port field, enter the port used by the proxy server.
    4. In the Proxy Username field, enter the unique username for the proxy server.
    5. In the Proxy Password field, enter the unique password for your proxy server.
    6. If you made changes to your proxy server configuration, such as changing the username or password, restart the proxy server.
  6. Click Save.

After you finish 

You can choose to do the following:

 

 


Attachments

    Outcomes