Skip navigation

Log in to create and rate content, and to follow, bookmark, and share content with other members.

Cloud Authentication Service Help - Table of Contents

Document created by RSA Information Design and Development on Oct 20, 2017•Last modified by RSA Product Team on Mar 23, 2020

Version 86Show Document

Like • Show 1 Like1
Comment • 0
View in full screen mode

RSA SecurID Access Product Overview
- RSA SecurID Access Overview
- Cloud Authentication Service Overview
- RSA SecurID Access Editions
- High-Level Authentication Flows for Relying Parties
- High-Level Authentication Flow for RADIUS for the Cloud Authentication Service
- High-Level Authentication Flows for the SSO Agent
- Administration Console Dashboard
- Supported Browsers for the Cloud Administration Console
- Publishing Changes to the Identity Router and Cloud Authentication Service
Administrators
- Administrative Roles for the Cloud Administration Console
- Manage Administrators for the Cloud Administration Console
- Add Administrators for the Cloud Administration Console
- Change Your Account Name and Password in the Cloud Administration Console
- Reset Forgotten Password in the Cloud Administration Console
- Change the Identity Router Administrator Password Using the Identity Router Setup Console
- Edit Administrator Settings on the Cloud Administration Console
- Delete an Administrator Account from the Cloud Administration Console
Company Settings
- Configure Company Information and Certificates
- Protected Domain Name
- Configure Session and Authentication Method Settings
- Password Lockout Examples
- Protect the Cloud Administration Console with Additional Authentication
- Configure Company Settings
Identity Routers
- Planning Your Identity Router Deployment
- Installing and Configuring Identity Routers
- Managing Identity Routers
Identity Sources
- Identity Sources for the Cloud Authentication Service
- Directory Server Attributes Synchronized for Authentication
- LDAPv3 Server Requirements to Enable Expired Password Handling in the Application Portal
- LDAPv3 User Verification for the Cloud Authentication Service
- Manage Identity Sources for the Cloud Authentication Service
- Add an Identity Source for the Cloud Authentication Service
- Manually Synchronize an Identity Source for the Cloud Authentication Service
- Schedule Identity Source Synchronization for the Cloud Authentication Service
- Test the Connection Between an Identity Router and a Directory Server
- Delete an Identity Source from the Cloud Authentication Service
Assurance Levels
- Assurance Levels
- Configure Assurance Levels
- Evaluating Assurance Levels and Primary Authentication Status for Returning Authentication Methods
- User Session and Single Sign-On
Access Policies
- Planning Resource Protection with Multifactor Authentication
- Access Policies
- Condition Attributes for Access Policies
- Virtual Attributes in Access Policies (Active Directory Only)
- Portal Multifactor Authentication Policy
- Device Registration Using Password Policy
- Preconfigured Access Policies
- Access Policy Examples
- Add a Trusted Location
- Delete a Trusted Location
- Add a Trusted Network
- Delete a Trusted Network
- Add an Access Policy
- Operators for Using LDAP Attributes in Access Policies
- Clone an Access Policy
- Delete an Access Policy
- View Access Policy Usage
- Manage Access Policies
Clusters, High Availability, and Backups
- Clusters
- Manage Clusters
- Configure High Availability for Cloud Authentication Service Deployments
- Load Balancer Requirements
- Add a Cluster
- Enable RADIUS on Identity Routers in a Cluster
- Cluster Relationships
- Add a Cluster Relationship
- View Cluster Relationship Status
- Delete a Cluster
- Delete a Cluster Relationship
- HFED User Profiles and Backup Configuration
- Manage Cluster Backups
- Calculating Storage Space for HFED User Profile Backup Files
- Configure Backup Settings for a Single Cluster
- Configure an Automated Backup Schedule for All Clusters in the Deployment
- Back Up Now for a Single Cluster
- Restore a Backup for a Single Cluster
- Delete a Backup Configuration for a Single Cluster
Relying Parties
- Relying Parties
- SAML 2.0 Requirements for Service Providers
- Add a Relying Party
- Add a Service Provider
- Manage Relying Parties
- Example: SAML IdP for Cloud Authentication Service Assertion
RADIUS
- RADIUS for the Cloud Authentication Service Overview
- Deploying RADIUS for the Cloud Authentication Service
- Add a RADIUS Client for the Cloud Authentication Service
- Configure a RADIUS Profile for the Cloud Authentication Service
- Attributes for RADIUS Clients and Profiles for the Cloud Authentication Service
- Customize the RSA SecurID Access Web Interface for a Cisco Adaptive Security Appliance
- Manage RADIUS for the Cloud Authentication Service
Certificates
- Cloud Authentication Service Certificates
- Generate and Download a Certificate Bundle for Service Providers and Identity Providers for the SSO Agent
- List of Trusted Certificate Authorities for HFED and Trusted Headers Applications
- Upload Certificates for Trusted Certificate Authorities
- Delete a Trusted Certificate Authority Certificate
Integrated Windows Authentication
- Integrated Windows Authentication
- Deploying Integrated Windows Authentication
- Download the Integrated Windows Authentication Connector Installer
- Install the Integrated Windows Authentication Connector
- Add Integrated Windows Authentication as an Identity Provider
- Test Integrated Windows Authentication
- Enable Automatic Integrated Windows Authentication
Identity Providers
- Adding Identity Providers
- Manage Identity Providers
- Restricting Access to Automated SSO Agent IdPs Using Authentication Source Access Rules
- Add Cloud Identity Provider
- Add a SAML Version 2 SSO Agent Identity Provider
- Authentication Sources
- Manage Authentication Sources
- Add an Authentication Source
- Add Authentication Source Access Rules
- Reorder Authentication Sources
- Delete an Authentication Source
Web Applications
- Manage the Application Catalog
- Manage My Applications
- Add an Application to My Applications
- Delete an Application From My Applications
- Choosing a Connection Method to Add an SSO Agent Application
- SAML Applications
- Application Availability and Visibility
- Add a SAML Application
- Configure Advanced Settings for a SAML Connection
- Export SAML Metadata From an Application on the Identity Router
- HTTP Federation Proxy Applications
- Planning to Add an Application Using HTTP Federation Proxy
- HTTP Federation Proxy Planning Worksheet
- Add an Application Using HTTP Federation Proxy
- Trusted Headers
- Add an Application Using Trusted Headers
- Add a Bookmark Link in the Application Portal
- Deep Linking
User Application Portal
- User Application Portal
- Configure the Standard Web Application Portal
- Configure a Custom Portal Page for Web Applications
- Configure a Standard or Custom Application Portal Page
Authentication Methods and Emergency Access
- Authentication Methods for Cloud Authentication Service Users
- Authentication Method Lockout
- Emergency Access for Cloud Authentication Service Users
Users and Authenticators
- Cloud Authentication Service User System Requirements
- Authenticator Registration
- RSA SecurID Authenticate App Security Features
- Configure Email Notifications
- Manage RSA SecurID Access My Page
- Getting Started with FIDO-Certified Security Keys with RSA SecurID Access
- RSA and Yubico
- Using RSA Security Key Utility
- Registering Devices with RSA SecurID Authenticate App
- Manage Users for the Cloud Authentication Service
- Run User Reports
- Deploying the RSA SecurID Authenticate App in EMM Environment
- Deploying the RSA SecurID Authenticate for Windows App Using DISM
End User Rollout
- Cloud Authentication Service Rollout to Users
- Sample Rollout Email for RSA SecurID Access Users
- Configure Firefox for Integrated Windows Authentication
- Configure Chrome and Microsoft Internet Explorer for Integrated Windows Authentication
- Configure Browsers to Trust the Cloud Authentication Service
RSA Authentication Manager Integration
- Select an Integration Path for RSA Authentication Manager and the Cloud Authentication Service
- Connect Your Cloud Authentication Service Deployment to RSA Authentication Manager
- Test the RSA Authentication Manager Connection
- Update the Connection between the Cloud Authentication Service and RSA Authentication Manager
Cloud Administration APIs
- Using the Cloud Administration APIs
- Manage the Cloud Administration API Keys
- Determining Access Requirements for High-Risk Users in the Cloud Authentication Service
- Authentication for the Cloud Administration APIs
- Cloud Administration Event Log API
- Cloud Administration User Search API
- Cloud Administration Synchronize User API
- Cloud Administration User Details API
- Cloud Administration Delete User Device API
- Cloud Administration Authenticator Details API
- Cloud Administration Mark User Deleted API
- Cloud Administration User Status API
- Cloud Administration Unlock User Tokencodes API
- Cloud Administration Update SMS and Voice Phone API
- Cloud Administration Retrieve Authentication Audit Logs API
- Cloud Administration User Event Log API
- Cloud Administration Add/Remove High-Risk Users API
- Cloud Administration Retrieve High-Risk User List API
- Cloud Administration Health Check API
- Cloud Administration Retrieve Device Registration Code API
- Cloud Administration Enable Emergency Tokencode API
- Cloud Administration Disable Emergency Tokencode API
RSA SecurID Authentication API
- Manage the RSA SecurID Authentication API Keys
- RSA SecurID Authentication API Developer's Guide (PDF)
Logging
- Logging for the Cloud Authentication Service
- Event Message Components for the Cloud Authentication Service
- Monitor User Events in the Cloud Administration Console
- Monitor System Events in the Cloud Authentication Console
- User Event Monitor Messages for the Cloud Authentication Service
- System Event Monitor Messages for the Cloud Authentication Service
- Administration Log Messages for the Cloud Authentication Service
- Identity Router Logging
- Configure Audit Logging in the Cloud Administration Console
- Set the Identity Router Logging Level
- Contents of Identity Router Log Bundle
- View the Identity Router System Log
- Identity Router Audit Log Messages
- RSA SecurID Authenticate App Logging
Troubleshooting
- Troubleshooting Cloud Authentication Service User Issues
- Troubleshooting Administration Console Administration Issues
- Troubleshooting Identity Router Issues
- Troubleshooting Cloud Authentication Service Identity Source Synchronization
- Monitor Uptime Status for the Cloud Authentication Service
- Access SSH for Identity Router Troubleshooting
- Grant RSA Customer Support Access to Your Account
- Test Access to Cloud Authentication Service
Product Documentation and Support
- Product Documentation
- Support and Service for RSA SecurID Access
- RSA Ready Partner Program
Copyright
- Copyright
- Yubico Copyright

Attachments

Outcomes

Recommended Content

Incoming Links