cancel
Showing results for 
Search instead for 
Did you mean: 

APM add 2 different types of RSA on the same policy

Brandon
Cirrostratus
Cirrostratus

I would like to have one Policy  but give our customer a choice on what type of RSA authentication they use. 

Both are RSA one is Radius and one is Okta. I want only one login page . 

I created a login page and tried to use the button or drop down list. I would like for the cutsomer to be able to choose on the drop down box and then enter there password . 

 

Brandon_0-1656468336944.png

 

3 ACCEPTED SOLUTIONS

Sebastiansierra
Cirrocumulus
Cirrocumulus

Hi Brandon,

You have to configure some things for your requirement:

1. When you define the button to select the type of authentication that you want to use, you have to define the name for this variable, in my case I used login:

Sebastiansierra_0-1656497974267.png

2. In the same page go to Branch Rules

3. give click in Add Branch Rule.

4.Set a name to the new rule and click in Change.

5.In the tab Advanced copy the nest expression

expr {[mcget {session.logon.last.login}] == "okta"}

Repeat the steps 3 to 5 to add another branch rule for 

expr {[mcget {session.logon.last.login}] == "radius"}

Sebastiansierra_1-1656498196842.png

6.click Save.

7. Now you can configure all the elements to allow authentication with radius and okta in differents flows, in my case for the lab I used AD and local DB.

Sebastiansierra_2-1656498275790.png

Hope it´s works.

View solution in original post

Brandon
Cirrostratus
Cirrostratus

Brandon_0-1656526671674.png

 

 

 

Brandon_1-1656526671680.png

 

If Okta path

 

 

 

Brandon_2-1656526671682.png

 

 

Brandon_3-1656526671684.png

 

 

 

 

If okta path

Brandon_4-1656526671685.png

 

Radius Path

Brandon_5-1656526671687.png

 

 

Brandon_6-1656526671688.png

 

 

 

 

Brandon_7-1656526671689.png

 

View solution in original post

Brandon
Cirrostratus
Cirrostratus

This is one Auth password field  but gives customer a choice of what on 

Brandon_0-1656528242438.png

 

 

 

 

Field 3 “Radio” values added to tbe Branch Rules this is the or statement is done on the Branch Rule

Brandon_1-1656528242448.png

 

 

 

 

 

 

 

 

 

 

 

 

Branch Rules on the “Selection for Authorization” Expression are the values from Row 3

Brandon_2-1656528242454.png

 

 

 

 

 

 

 

 

 

You will notice that the variable is .pw for both okta and rsa auth are the same. The radio is what chooses the path.

Okta Path

Line item is .pw

Brandon_3-1656528242458.png

 

 

 

Important line item is .ad

Brandon_4-1656528242460.png

 

 

 

 

 

 

 

 

 

 

 

Radius path

 important  item .pw

Brandon_5-1656528242463.png

 

 

Important item is .ad

Brandon_6-1656528242466.png

 

 

 

 

 

 

End Result

Brandon_7-1656528242468.png

 

 

View solution in original post

4 REPLIES 4

Sebastiansierra
Cirrocumulus
Cirrocumulus

Hi Brandon,

You have to configure some things for your requirement:

1. When you define the button to select the type of authentication that you want to use, you have to define the name for this variable, in my case I used login:

Sebastiansierra_0-1656497974267.png

2. In the same page go to Branch Rules

3. give click in Add Branch Rule.

4.Set a name to the new rule and click in Change.

5.In the tab Advanced copy the nest expression

expr {[mcget {session.logon.last.login}] == "okta"}

Repeat the steps 3 to 5 to add another branch rule for 

expr {[mcget {session.logon.last.login}] == "radius"}

Sebastiansierra_1-1656498196842.png

6.click Save.

7. Now you can configure all the elements to allow authentication with radius and okta in differents flows, in my case for the lab I used AD and local DB.

Sebastiansierra_2-1656498275790.png

Hope it´s works.

Brandon
Cirrostratus
Cirrostratus

FYI just posting info to help someone else out. 

Thank you so much. We tested two versions. One with two auth fields and one with one auth field. Given the cutsomer the choice to choose which type of auth to use by the drown box or button. 

Policy 1 with two fields 

 

Brandon
Cirrostratus
Cirrostratus

Brandon_0-1656526671674.png

 

 

 

Brandon_1-1656526671680.png

 

If Okta path

 

 

 

Brandon_2-1656526671682.png

 

 

Brandon_3-1656526671684.png

 

 

 

 

If okta path

Brandon_4-1656526671685.png

 

Radius Path

Brandon_5-1656526671687.png

 

 

Brandon_6-1656526671688.png

 

 

 

 

Brandon_7-1656526671689.png

 

Brandon
Cirrostratus
Cirrostratus

This is one Auth password field  but gives customer a choice of what on 

Brandon_0-1656528242438.png

 

 

 

 

Field 3 “Radio” values added to tbe Branch Rules this is the or statement is done on the Branch Rule

Brandon_1-1656528242448.png

 

 

 

 

 

 

 

 

 

 

 

 

Branch Rules on the “Selection for Authorization” Expression are the values from Row 3

Brandon_2-1656528242454.png

 

 

 

 

 

 

 

 

 

You will notice that the variable is .pw for both okta and rsa auth are the same. The radio is what chooses the path.

Okta Path

Line item is .pw

Brandon_3-1656528242458.png

 

 

 

Important line item is .ad

Brandon_4-1656528242460.png

 

 

 

 

 

 

 

 

 

 

 

Radius path

 important  item .pw

Brandon_5-1656528242463.png

 

 

Important item is .ad

Brandon_6-1656528242466.png

 

 

 

 

 

 

End Result

Brandon_7-1656528242468.png