Credential Type Resolution Configurations
The authentication requests that are presented to CA Strong Authentication Server must specify the type of credential that has to be used to process the request. In case of RADIUS and ASSP authentication requests, the input requests do not specify the type of credential. By default, RADIUS uses One-Time Password and ASSP uses password credential for authentication.
aatest
2112642
The authentication requests that are presented to CA Strong Authentication Server must specify the type of credential that has to be used to process the request. In case of RADIUS and ASSP authentication requests, the input requests do not specify the type of credential. By default, RADIUS uses One-Time Password and ASSP uses password credential for authentication.
To support any password-based authentication mechanisms for RADIUS and ASSP, or to use verifyPlain authentication, you must create the
Credential Type Resolution
configuration. You can map the input request to any of the following password type of credentials that CA Strong Authentication supports:- Password
- One-Time Password
- One-Time Token (OTT)
- OATH OTP
- CA Auth ID OTP OATH
- CA Auth ID OTP EMV
- LDAP Password
- Native Token
The credTypeResolutionConfigs element of the createRequest message is used to configure credential types.
The following table lists the elements of this message:
Element
| Mandatory
| Description
|
name | No | Name for the configuration. |
status | No | Indicates the status of the configuration. |
credType | No | The type of credential that has to be used to authenticate users with this credential type resolution configuration. Following are the supported values: 1 : For password4 : For OTP5 : For OTT7 : For OATH OTP8 : For CA Auth ID OTP-OATH9 : For CA Auth ID OTP-EMV10 : For LDAP password11 : For Native token |
userAttributeForCredType | No | The custom attributes of the user that defines the credential type to be used to authenticate the user. Include credType as one of the attributes. Note: The user attributes that you provide here must match the attributes that you have specified for the user during user creation. |