Credential attributes
The
credential
element of the registration policy defines what authenticators the VIP account supports and how they are supported. You can set the following values:- allowedTypes
- maxAllowed
- expiration
- multiUserCred
The following table lists the
credential
attributes available to the registration policy. The table also lists the default credential
values.Attribute | Type | Description | Default Policy Value |
|---|---|---|---|
allowedTypes | String | The types of authenticators that VIP can bind to your users. Include one or more of the following, followed by whether the authenticator type is supported ( Y ) or not (N ).This attribute is for registration only, and does not affect validation. If users register an allowed authenticator type and you later change the authenticator type to not be allowed, users can continue to validate with that authenticator.
|
|
maxAllowed | String | The maximum number of authenticators that a user can register at one time. Value must be from 1 through 5, inclusive. |
|
multiUserCred | String | Whether an authenticator can be registered to more than one user within your organization at one time ( Y ) or not (N ). |
|
noAuthExpiration | String | The maximum number of days that an authenticator is valid before the user is prompted to register it again. Value must be between 15 to 365, inclusive. Setting this attribute to 0 disables this policy. |
|