Configure RSA Authentication Manager as a Secure Proxy Server for the Cloud Authentication Service

Document created by RSA Information Design and Development Employee on Jul 27, 2020Last modified by RSA Information Design and Development Employee on Jan 19, 2021
Version 4Show Document
  • View in full screen mode

You can configure RSA Authentication Manager 8.5 to act as a secure proxy server for the Cloud Authentication Service. User authentication requests are automatically forwarded to the Cloud Authentication Service, and you can configure high availability, which allows authentication to continue when the Cloud Authentication Service or the connection is unavailable or too slow.

You may need to do additional configuration steps to use these features.

Procedure 

  1. REST protocol authentication agents require credentials to securely access Authentication Manager. See Configure the RSA SecurID Authentication API for Authentication Agents.
  2. Connect Authentication Manager to the Cloud Authentication Service.

    While connecting, do not clear the Send Multifactor Authentication Requests to the Cloud checkbox.

    For instructions, see the following:

  3. In the Cloud Administration Console, create an access policy for the authentication agents that are connected to the Cloud Authentication Service, or plan to use an existing access policy. For instructions, see Planning Resource Protection with Access Policies and Access Policies.
  4. Configure your authentication agents to use Authentication Manager to direct authentication requests to the Cloud Authentication Service. For instructions, see your agent documentation.

After you finish 

  • When RSA Authentication Manager cannot communicate with the Cloud Authentication Service, users can access RSA SecurID protected resources with RSA SecurID authentication and Authenticate Tokencode. Authentication Manager always validates RSA SecurID authentication. Authentication Manager must download High Availability Tokencode records to prompt users for Authenticate Tokencode. See Configure High Availability Tokencodes.
  • Some newer authentication agents can automatically download offline emergency access codes for users who access the authentication agent. Users can continue to authenticate if the connection to Authentication Manager or the Cloud Authentication Service is not available. For more information, see Emergency Tokencode.
  • Authentication Manager automatically downloads offline data day files that some newer authentication agents can use for uninterrupted authentication to the Cloud Authentication Service. For instructions, see your authentication agent documentation.

 

 

 

You are here
Table of Contents > RSA Authentication Manager as a Proxy Server to the Cloud > Configure RSA Authentication Manager as a Secure Proxy Server for the Cloud Authentication Service

Attachments

    Outcomes