SecureAuth version affected: All
Description: When a User logs into a realm, it is possible to use Device Recognition to prevent them having to MFA every time they access the realm. This article is a quick guide on how to enable this feature.
Resolution:
Fingerprinting has the following requirements:
- The Fingerprint property field needs to be set to an appropriate attribute and marked as writable in the Data tab of the realm. Typically in an AD datastore we use the audio attribute to store the Fingerprint.
- The Datastore service account needs permissions to write to the fingerprint property field.
- Client Side Control needs to be set to Device/Browser Fingerprinting on the Workflow tab.
- Fingerprinting only occurs if Private Mode is selected.
For more information on Device recognition, see this link
SecureAuth Knowledge Base Articles provide information based on specific use cases and may not apply to all appliances or configurations. Be advised that these instructions could cause harm to the environment if not followed correctly or if they do not apply to the current use case.
Customers are responsible for their own due diligence prior to utilizing this information and agree that SecureAuth is not liable for any issues caused by misconfiguration directly or indirectly related to SecureAuth products
Comments
Please sign in to leave a comment.