authentication_level

Edit online

Use the authentication_level stanza entry to control whether the authentication level is preserved or refreshed during a credential refresh.

Syntax

authentication_level = {preserve|refresh}

Description

Specifies whether the authentication level for the user is preserved or refreshed during a credential refresh. The authentication level can reflect the results of an authentication strength policy (step-up authentication). In most cases, it is best to preserve this level during a credential refresh.

Options

preserve: The original attribute value is preserved in the new credential.
refresh: The original attribute value is refreshed in the new credential.

Usage

This stanza entry is required.

Default value

preserve

Example

authentication_level = preserve