Managing Authentication Strategies
OneAccess simplifies user access management by offering a unified solution. With authentication strategies, you can control access for specific users based on factors like access time, device type, and region range. Furthermore, you can allow access, deny access, or enable multi-factor authentication (MFA) for specified users.
Adding an Authentication Strategy
- Log in to the administrator portal.
- On the top navigation bar, choose Authentication > Authentication Strategy.
- On the displayed page, click Add a strategy.
- Configure the strategy.
Table 1 Strategy parameters Parameter
Description
*Policy Name
Name the added authentication strategy for easy management.
Description
Add a description for the authentication strategy.
User Condition
Select the user range. The options include All users, Qualified users, and Disqualified users.
Access Time
Time range when users are allowed or not allowed to access the application. The options include Any time, Within specific periods, and Outside specific periods.
Device Type
Type of devices that are allowed or not allowed to access the application. The options include Browser, Desktop device, and Mobile device.
Regions
Set the region range. The options include Any, Chinese Mainland, Outside the Chinese Mainland, Within specific regions, Outside specific regions.
Authentication Provider
Select authentication provider that users can or cannot use to access the application. The options include Any, With specific authentication providers, and Without specific authentication providers.
Risk operation
Select the user who triggers a risk event. You can select multiple users, which is the same as the risk event in risk behavior management.
Access control
Specify how to manage user access. You can choose to allow access, deny access, or enable multi-factor authentication (MFA) for users who meet specific criteria.
NOTE:If MFA authentication is selected, five authentication modes are available: OTP, SMS, email, FIDO2, and fingerprint authentication.
- Click Save.
Modifying an Authentication Strategy
- Log in to the administrator portal.
- On the top navigation bar, choose Authentication > Authentication Strategy.
- On the authentication strategy page, click Modify in the Operation column of the target strategy. On the displayed page, modify the authentication strategy configuration.
- Click Save.
Deleting an Authentication Strategy
You can delete authentication strategies as needed.
- Log in to the administrator portal.
- On the top navigation bar, choose Authentication > Authentication Strategy.
- Click Delete in the Operation column of the target strategy.
- Click OK.
Disabling an Authentication Strategy
If you do not want to use the authentication strategy in a certain period, you can disable it by changing its status.
- Log in to the administrator portal.
- On the top navigation bar, choose Authentication > Authentication Strategy.
- In the Status column of the target strategy, click
. - In the displayed dialog box, click OK to disable the strategy.
Enabling an Authentication Strategy
If an authentication strategy has been disabled, you can enable it when you need to use it.
- Log in to the administrator portal.
- On the top navigation bar, choose Authentication > Authentication Strategy.
- In the Status column of the target strategy, click
. - In the displayed dialog box, click OK to enable the strategy.
Adjusting the Strategy Priority
A maximum of 10 authentication strategies can be added. You can drag a strategy in the authentication strategy list to change its priority.
- Log in to the administrator portal.
- On the top navigation bar, choose Authentication > Authentication Strategy.
- Drag the target strategy upwards or downwards to a desired sequence.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
