Assigning policies and authentication methods to users

You must assign one or more policies to a user and specify the user-specific authentication method settings, either by using the GUI or by using the bulk provisioning feature. Note that the bulk provisioning feature is more efficient if you have a large number of users.

About this task

To assign one or more policies to a user and to specify the user-specific authentication method settings, complete the following steps:

Procedure

  1. In the IBM® MFA GUI, click the User Provisioning tab.
  2. Select an existing user.
  3. Click Check user information.
    The Policies table shows all of the policies that are assigned to the user.
  4. Click + in the Policies section.
    The All Policies table shows all of the available policies.
  5. Select one or more policies.
  6. Click Confirm.
    The Authentication Methods table shows the configured authentication methods for the policy.
  7. Select an authentication method.
  8. Click Check provisioning information.
  9. You are prompted for the user-specific authentication methods settings.
  10. Click Confirm.
  11. Set Active to On for the authentication methods
  12. Click Confirm.
  13. Inform users to use the IBM MFA Out-of-Band web server login page that you configured, such as 
    https://server:port/mfa/policy-name
    where port is the server authentication port you configured and policy-name is the policy the user must use. You may want to have the user bookmark this URL.
  14. When the user visits the IBM MFA Out-of-Band web login page,
    user-specific information about the methods required for the user to log in is displayed.