We have connected our authentication manager (8.5) to the RSA CAS to extend our authentication methods, everything worked as expected, and we are able to login to our Windows workstations through the PIN+Approve or PIN+Bio-metric, unfortunately the user which is trying to login through the windows cannot select another authenticator option after the user enter his/her PIN successfully.
We have followed the Connect RSA Authentication Manager to the Cloud Authentication Service which is mentioning the following:-
The first option listed for an assurance level on the Assurance Levels page is presented as the default for each new user when he or she authenticates to an application or client assigned to that assurance level for the first time. A user can select another option at any time, as long as the assigned assurance level or a higher assurance level contains additional options that the user can complete. When a user successfully authenticates with an option, that option becomes the user's default for future authentications for that assurance level.