SecurID® Knowledge Base
Find answers to your questions and identify resolutions for known issues with knowledge base articles written by SecurID experts.
Article Number
000036005
Applies To
RSA Product: SecurID Access
RSA Product/Service Type: Application Portal
RSA Product/Service Type: Application Portal
Issue
When using Microsoft Integrated Windows Authentication (IWA) as an Identity Provider, the IWA server is typically only accessible by users on an enterprise's internal network. If IWA is configured to be used automatically this can prevent external users from being able to access the application portal.
Restricting Access to Automated IdPs Using Authentication Source Access Rules can be used to force external users to the portal login page.
However, the IWA icon will still be displayed on the portal which may cause confusion for end users.
Image description
Restricting Access to Automated IdPs Using Authentication Source Access Rules can be used to force external users to the portal login page.
However, the IWA icon will still be displayed on the portal which may cause confusion for end users.
Image descriptionResolution
This is functioning as designed for the default application portal. Possible workarounds include:
- Sending an end-user communication explaining that external users must log in with username/password.
- Changing the IWA icon (Users > Identity Providers > Edit > Portal Display) to something less visible or that somehow conveys to the end user not to use this option.
- Replacing the default portal with a custom portal as described in the RSA SecurID Access Custom Web Portal Developer's Guide and the article on how to Configure a Custom Portal Page for Web Applications.
Notes
RSA SecurID Access product improvement suggestions can be made by RSA customers on the RSA Ideas for the RSA SecurID Suite page in RSA Link.
In this article
