If you want to connect RSA Authentication Manager 8.5 to the Cloud Authentication Service, you can download and configure an identity router to each primary and replica instance. Every Cloud Authentication Service deployment requires at least one identity router.
The embedded identity router communicates with the Cloud Authentication Service and does the following:
- Connects the Cloud Authentication Service to your identity sources.
- Enforces access policies, which determine which applications users can access, when additional authentication is needed, and which authentication methods are required.
By deploying an embedded identity router in Authentication Manager, you can avoid the time and effort of deploying separate identity routers in your on-premises network or in the Amazon Web Services cloud.
The embedded identity router does not support single sign-on (SSO) or RADIUS. To use these features, deploy your identity router on another platform. For more information, see Identity Routers.
To deploy the embedded identity router, see Configure an Embedded Identity Router.