IBM Security Access Manager for Enterprise Single Sign-On, Version 8.2

About RADIUS authentication

Users must authenticate with an OTP if they want to use the RADIUS authentication server. If the OTP is not configured, the authentication reverts to LDAP.

An enterprise application that uses OTP tokens for authentication prompts the user for a user name and password. The password can be the user password, or an application password.

For the second factor, the enterprise application can be configured to authenticate users with:

Only OTP provided by a token
Either OTP provided by a token or MAC

You can also configure a bypass option, in case the user loses the OTP token or the mobile phone for receiving MAC.

The bypass code might be configured among any of the following options:

Authorization code and password
Authorization code and enterprise account password
Authorization code and secret

Note: The OTP token deployment is only applicable to the IMS Server.

Feedback