Certified: August 26, 2019
Solution Summary
This section describes the way in which Bottomline WebSeries can integrate with RSA SecurID Access.
Use Case
When integrated, users must authenticate with RSA SecurID Access in order to sign into Bottomline WebSeries. User sign-in can be integrated with RSA SecurID Access using SecurID Authentication API.
Integration Type
SecurID Authentication API integrations can provide a rich user interface with all RSA SecurID Access features within the partner application. Refer to the Supported Features section in this guide see which features this partner application has implemented.
Supported Features
This section shows all of the supported features by integration type and by RSA SecurID Access component. Use this information to determine which integration type and which RSA SecurID Access component your deployment will use. The next section contains the steps to integrate RSA SecurID Access with Bottomline WebSeries for each integration type.
Bottomline WebSeries Integration with RSA Cloud Authentication Service
| Authentication Methods | Authentication API | RADIUS | Relying Party | SSO Agent |
|---|---|---|---|---|
| RSA SecurID | - | - | - | - |
| LDAP Password | - | - | - | - |
| Authenticate Approve | - | - | - | |
| Authenticate Tokencode | - | - | - | |
| Device Biometrics | - | - | - | - |
| SMS Tokencode | - | - | - | - |
| Voice Tokencode | - | - | - | - |
| FIDO Token | n/a | n/a | - | - |
Bottomline WebSeries Integration with RSA Authentication Manager
| Authentication Methods | Authentication API | RADIUS | Authentication Agent |
|---|---|---|---|
| RSA SecurID | - | - | |
| On-Demand Authentication | - | - | |
| Risk-Based Authentication | n/a | - | - |
| Supported | |
| - | Not supported |
| n/t | Not yet tested or documented, but may be possible. |
Configuration Summary
This document is not intended to suggest optimum installations or configurations. It assumes the reader has both working knowledge of all products involved, and the ability to perform the tasks outlined in this section. Administrators should have access to the product documentation for all products in order to install the required components. All RSA SecurID Access and Bottomline WebSeries components must be installed and working prior to the integration.
This section describes how to integrate Bottomline WebSeries with RSA Authentication Manager using SecurID Authentication API.
Architecture Diagram
Configure RSA Authentication Manager
To configure the integration with RSA Authentication Manager, you must enable the REST Service and then create an authentication agent.
Sign into the Security Console and browse to Setup > System Settings > REST Service, mark the check box to enable REST Service and make note of the Agent Credentials. The Agent Credentials will be needed during configuration of the agent.
Browse to Access > Authentication Agents and click Add New. Enter the name of your authentication agent in the Hostname field and click Save.
Configure Bottomline WebSeries
Perform these steps to configure Bottomline WebSeries as an authentication API client to RSA Authentication Manager.
In WebSeries database in CONFIGPARAMS table add the following data:
| PARAMETER | VALUE | OWNER |
|---|---|---|
| rsa.mfa.enabled | true/false | PRODUCT |
| rsa.agent.hostname | <hostname of Authentication Agent added in RSA Security Console> | PRODUCT |
In RSA_HOST table, add RSA Authentication Manager servers:
| HOST_URL | ACCESS_KEY | PRIORITY |
|---|---|---|
| https://replica1.com:5555/mfa/v1_1 | <enter Access Key from RSA Security Console> | 1 |
| https://replica2.com:5555/mfa/v1_1 | <enter Access Key from RSA Security Console> | 2 |
| https://replica3.com:5555/mfa/v1_1 | <enter Access Key from RSA Security Console> | 3 |
End User Experience
Login screen
User-defined new PIN
System-generated new PIN
Next tokencode
Certification Details
Date of testing: August 23, 2019
RSA Authentication Manager 8.4
Bottomline WebSeries J 7.6.8C
Known Issues
No known issues.
