This section describes how to integrate ZPE Nodegrid with RSA Authentication Manager using SecurID Authentication API.
Configure RSA Authentication Manager
To configure the integration with RSA Authentication Manager, you must enable the REST Service and then create an authentication agent.
Sign into the Security Console and browse to Setup > System Settings > REST Service, mark the checkbox to enable REST Service and make note of the Agent Credentials. The Agent Credentials will be needed during configuration of the agent.
Browse to Access > Authentication Agents and click Add New. Enter the name of your authentication agent in the Hostname field and click Save.
Configure ZPE Nodegrid
Perform these steps to configure ZPE Nodegrid as an authentication API client to RSA Authentication Manager.
1. Sign into Nodegrid Web Interface as admin, browse to Security > Authentication > 2-Factor and click Add.
2. Configure the 2-Factor settings and then scroll down to the RSA section.
- Enter a Name to identify the method. For example: SecurID
- Select RSA from the Method drop-down menu.
- Select enabled from the Status drop-down menu.
3. Configure the RSA server settings and click Save.
- REST URL: Enter the REST URL for the RSA Authentication Manager you wish to authenticate with. For example: https://am1.domain.local:5555/mfa/v1_1/authn
- Enable Replicas: Mark the check box and enter up to 15 AM replica REST URLs (one per line).
- Client Key: Enter the RSA SecurID Authentication API Access Key located in the RSA Authentication Manager Security Console.
- Client ID: Enter the name of the corresponding authentication agent host name as specified in the RSA Authentication Manager Security Console.
4. After saving, edit the RSA 2-Factory method and upload the certificate which allows Nodegrid to trust RSA Authentication Manager.
- Follow the steps in this link to acquire the certificate for RSA Authentication Manager.
- Click the Certificate button, upload the certificate file and click Apply.
Next Step: Proceed to the Use case configuration section for the steps to apply this configuration to the use case.