Documentation
Introduction

SecureAuth IdP version 8.1 is robust with new features and a visually distinct Web Admin. Use this guide to learn more about the new interface, get a sneak peek at the new features, and find the new locations of existing fields.

What's Changed
New Web Admin Interface

 

SecureAuth IdP 8.1 has been rebranded with SecureAuth's new logo and color scheme to present a clean and polished interface

The navigation is the same as the previous version, with the homepage displaying the configured realm for easy access and a Search bar to find exact realms on any page

Modification Highlighting

 

When edits are made in the Web Admin, the field highlights blue to point out where the changes were made to provide a visual way to track changes

Once the changes are Saved, the fields return to white to restart the tracking system for future modifications

New / Enhanced Sections
Data

 

In the Membership Connection Settings section of the Data tab, Oracle Database and Microsoft Azure AD are available as data store options for directory integration

Refer to Oracle Database Configuration Guide and Microsoft Azure AD Configuration Guide for specific integration information

The Max Invalid Password Attempts field has also been added to each directory integration configuration to enable user account lock out once the maximum failed attempts has been reached

Profile Fields

 

In the Profile Fields section, the SecureAuth IdP Property, OATH Tokens has been added to the list of mapped attributes

OATH Tokens contain a unique OATH seed and a device's ID to enable multiple OATH seed support on single or multiple devices per SecureAuth IdP appliance or directory integration

Refer to OATH Provisioning Realm Configuration Guide for more information

Workflow

SecureAuth IdP 8.0 

SecureAuth IdP 8.1

The Adaptive Authentication section has replaced the Analyze section of the Workflow tab

The SecureAuth IdP 8.1 version of adaptive authentication expands its risk analysis functionality in a more compact and accessible menu

Refer to Adaptive Authentication Configuration Guide (version 8.1) for more information

SAML Consumer

 

The SAML Consumer section has been added to the Workflow tab to enable SecureAuth IdP to consume SAML assertions from multiple Identity Providers in a single realm, and to send mapped directory attributes to relying Service Providers (SPs) as SecureAuth IdP Profile Properties

Refer to SAML Multi-tenant Consumer Configuration Guide and SAML Attribute Consumption Configuration Guide for more information

OATH Handler

 

The OATH Handler section enables SecureAuth IdP to validate OATH OTPs and passwords via RADIUS web service calls

Refer to RADIUS OATH OTP + Password Validation Handler Configuration Guide for more information

Registration Methods

 

In the Registration Configuration section of the Registration Methods tab, a second Help Desk option is available for 2-Factor Authentication OTP delivery

Refer to Second Help Desk Registration Method Configuration Guide for more information

Authentication API

 

The Authentication API feature enables applications to make RESTful API calls to SecureAuth IdP to validate usernames, passwords, knowledge-based questions, OATH OTPs, and more; to deliver OTPs; and to assess risk levels through a completely customizable workflow and interface

Refer to Authentication API 8.1 Configuration Guide for more information

Post Authentication

 

The OATH section of the Post Authentication tab for the OATH Provisioning Realm has expanded and enables two forms of OATH OTP provisioning (Single or Multi)

Refer to OATH Provisioning Realm Configuration Guide for more information

Logs

 

SecureAuth IdP 8.1 supports both RFC3164 and RFC5424 Syslog versions, so in the Syslog section of the Logs tab, the specific Syslog RFC Spec version can be selected

If RFC5424 is selected, then the Private Enterprise Number (PEN) field appears, which must be set to the Syslog PEN code for successful integration

System Info

 

The WSE 3.0 / WCF Configuration section of the System Info tab includes new URLs to communicate with the new SHA256 cloud services environment

Location Changes
Overview

SecureAuth IdP 8.0

SecureAuth IdP 8.1

In the Overview tab, the Email Settings section has moved from being on the main page to its own page

Click on Email Settings in the Advanced Settings section to configure the SMTP settings for SecureAuth IdP OTP email delivery

Workflow

SecureAuth IdP 8.0

SecureAuth IdP 8.1

The SAML 2.0 Service Provider section of the Workflow tab has moved to the Post Authentication tab for SAML 2.0 assertion post-authentication events

The SP Start URL and the ACS / SAML Request Certificate fields can be found in the SAML Assertion / WS Federation section

Registration Methods

SecureAuth IdP 8.0 

SecureAuth IdP 8.1

The OATH Settings in the Registration Configuration section of the Registration Methods tab have been altered and split between the Registration Configuration section and the OATH section of the Post Authentication tab for the OATH Provisioning Realm

Refer to OATH Provisioning Realm Configuration Guide for more information on the configuration and different options