SecurID^® Discussions

npulido · ‎2022-10-07

Hi RSA community.

Is there any plan to include MFA capabilities into the IIS Agent? I mean, connecting to CAS in addition to AM and be able to use "modern" methods like biometry, FIDO, etc.

If not, would at least the OTP of the MFA application work through the AM proxy capabilities?

Many thanks.

RobertG · ‎2022-10-07

Hello @npulido ,

As you mentioned, the Authentication Agent for IIS can currently only be configured with AM. I do not know of any plans to add the ability to integrate the IIS agent with the CAS, though this may or may not happen.

However, if you have the IIS agent configured with AM, and also connect AM to the CAS, then users should be able to use the Authenticate Tokencode, PIN+Approve, and PIN+Biometrics (Authenticate Tokencode, Approve, and Biometrics are authentication methods from the SecurID app registered with the CAS) to authenticate to the IIS agent. Documentation for connecting AM to the CAS can be found here: https://community.rsa.com/t5/securid-cloud-authentication/connect-securid-authentication-manager-to-the-cloud/ta-p/631081

View solution in original post

RobertG · ‎2022-10-07

Hello @npulido ,

As you mentioned, the Authentication Agent for IIS can currently only be configured with AM. I do not know of any plans to add the ability to integrate the IIS agent with the CAS, though this may or may not happen.

However, if you have the IIS agent configured with AM, and also connect AM to the CAS, then users should be able to use the Authenticate Tokencode, PIN+Approve, and PIN+Biometrics (Authenticate Tokencode, Approve, and Biometrics are authentication methods from the SecurID app registered with the CAS) to authenticate to the IIS agent. Documentation for connecting AM to the CAS can be found here: https://community.rsa.com/t5/securid-cloud-authentication/connect-securid-authentication-manager-to-the-cloud/ta-p/631081

SecurID® Discussions

IIS agent and MFA

SecurID^® Discussions