Check your application's documentation and/or the application's Integration Guide on RSA Link to see if it has a configuration option that will enforce access using only a single authentication source. Applications that support RADIUS or Relying Party or SAML single sign-on will typically prevent authentication by any other means, once those options are enabled. However, when HTTP Federation or Trusted Headers are used, there will probably not be a built-in means within an application that prevents bypass of the RSA Cloud Authentication Service.
An internal application or website protected by HTTP Federation or Trusted Headers can be limited to only accepting incoming connections from the RSA Identity Routers' proxy IP address, thereby denying access from any other source. This can be achieved with a firewall.
Related Articles
RSA Cloud Authentication Service End User Videos Number of Views Skyhigh End User Remediation Flow - RSA Ready Implementation Guide Number of Views Skyhigh End User Remediation Flow - SAML Relying Party Configuration - RSA Ready Implementation Guide Number of Views Skyhigh End User Remediation Flow - SAML My Page SSO Configuration - RSA Ready Implementation Guide Number of Views ASR fails to generate with 'ORA-31011: XML parsing failed' and 'LPX-00225: end-element tag "ROWSET" does not match start-e… Number of Views
Trending Articles
RSA Authentication Manager 8.9 Release Notes (January 2026) RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide RSA-2026-07: RSA Authentication Manager Security Update for Third-Party Component Vulnerabilities Downloading RSA Authentication Manager license files or RSA Software token seed records RSA MFA Agent 2.5 for Microsoft Windows Installation and Administration Guide
