Skip to main content

Configure Identity Platform for SecureAuth RADIUS

Follow this guide to set up SecureAuth RADIUS Server with the cloud and hybrid model of SecureAuth® Identity Platform release 19.07 or later.

The following configurations are required to use biometric identification (face (iOS only) or fingerprint recognition). Only the Identity Platform release 19.07 or later supports biometric identification; additionally, you must use the 2019 theme (see Setting the default theme for new realms).


The following steps must be completed before you can set up MFA methods. Some steps are specific to the cloud environment only and they are called out accordingly.

  • Data store. Have a data store integrated in the Identity Platform.

    To learn more, see Data store integrations.

  • Authentication policy. Have an authentication policy set up in the Identity Platform. Policies allow you to define rules to authenticate and block your users to certain applications.

    If you have an existing policy or default policy that will meet your security needs, you can use that policy; otherwise, you can set up a new policy specifically for SecureAuth RADIUS Server.

    To learn more about setting up a policy for SecureAuth RADIUS Server, see the Authentication Policies topics for your Identity Platform release.

Add an application

For instructions on how to add an application in the Identity Platform, see SAML application integration.


SecureAuth supports integration with over 500 third-party applications. For the complete list of application integration templates, see Application template library master list.

Configure API

Follow these steps to set up the authentication API.

  1. In the Identity Platform Advanced Settings, go to the realm you will enable the authentication API on.

  2. Select the API tab.

  3. In the API Key section, select the Enable API for this realm check box and click Generate Credentials.

    The Application ID and Application Key are required and used in the config.json file for all scenarios using Login for Mac. The Identity Platform contains an endpoints API; the config.json file calls the Identity Platform endpoints API.

  4. In the API Permissions section, set the following:

    Enable Authentication API

    Select the check box.

    OTP Validation Property

    Leave empty.

    User Management - add / update / retrieve users and their properties

    Select the check box.

    This will ensure that the SecureAuth Identity Platform API is allowing API requests to retrieve user profiles.

  5. Click Save.