Configuring Re-Authentication
- Enterprise IT
- Mayuresh Balaji Kamble (Unlicensed)
Overview
In this evolving world of the internet, which grown exponentially, it is important to secure and safeguard our data or critical transactions from hackers. To ensure complete protection of the application from vicious ransomware or any other malicious malware, we have added an additional layer of security. A new ‘Enable Re-Authentication’ check box is introduced at the Catalog level of the Service Request module.
On configuring the Re-authentication in the Application Setting and catalog level based on the configuration, a user must re-enter the credentials before logging an SR or approving an SR to confirm the authentication.
Figure: Re-Authentication
User Personas:
- Administrator
- End user
- Analyst
Configuring Re-Authentication
The Re-Authentication configuration enables you to restrict unauthorized users to create or approve a Service Request. For more information on configuring the reauthentication configuration, refer the following links:
To configure Re-authentication in Application Settings, perform the following steps:
- Log in to the SummitAI Application.
- Navigate to the Admin > Infrastructure > Application Settings.
The Application Settings screen appears.
Figure: Application Settings screen - Select the Re-Authentication Type, the options available are:
Password
OTP - Select the required option and click SUBMIT.
Password
The password re-authentication type enables you to enter only NT credentials during application re-authentication.
Figure: Re-authentication – Password
Notes
- By default, Password is selected if the authentication mode is NT login.
- Password re-authentication is only available for NT login and not for any other authentication modes.
Prerequisites:
- Select Password as the re-authentication type from the Application Settings.
- Enable the Re-Authentication check box and select Re-Authentication For as All for a catalog, and publish it.
Steps:
- Navigate to the Service Request module > New Service Request.
- Select a Tenant and click corresponding to a Service to select configured Catalog.
The Catalog screen appears.
Figure: Catalog screen - Enter the required remarks and click SUBMIT.
Figure: Credential screen - Re-enter the NT credentials and click VALIDATE to approve a SR.
A successful approval message appears.
OTP
The OTP (One Time Password) re-authentication enables you to authenticate using an OTP which is send to your configured mobile number or email address. It is mandatory to select the medium for the OTP to be send. You could either select anyone or both options based on your requirements. Also, configure the expiry of the OTP in minutes, you could configure from 1 to 15 minutes for the expiry of the OTP.
Note
By default, OTP is selected if the authentication type is SSO.
Prerequisites:
- In the Application Settings screen, select an OTP as re-authentication type.
- Enable Re-Authentication check box and select Re-Authentication For as All for a Catalog and Publish it.
To verify OTP Re-Authentication, perform the following steps:
Steps:
- Navigate to the Service Request module > New Service Request.
- Select a Tenant and click corresponding to a Service to select configured Catalog.
The Catalog screen appears.
Figure: Catalog screen - Enter the required remarks and click SUBMIT.
The re-authentication screen appears.For Mobile OTP Authentication
Figure: OTP AuthenticationNotes
- SMS Gateway should be configured to receive SMS.
- You should have a mandatory mobile number for the OTP authentication.
For Email OTP Authentication
Figure: Email ValidationOTP Expiry Authentication
Figure: OTP Expires - SMS Gateway should be configured to receive SMS.
To configure catalog level configuration, perform the following steps:
- Navigate to the Catalog.
- Click the Create Service Catalog.
- Enter the required details for the following tabs:
FORM DETAILS
FORM BUILDER
PREVIEW
- In the ADDITIONAL INFO tab, at DEFAULT SERVICE REQUEST VALUE section select the Enable Re-Authentication check box.
- Select the Re-Authentication For The options available are:
- All – Enables an end-user to mandatorily re-authenticate while creating or approving a service request.
- Create Service Request - Enables an end-user to mandatorily re-authenticate while creating a service request.
- Approve Service Request - Enables an end-user to mandatorily re-authenticate while approving a service request.
For more information, see Creating Service Catalog
Confluence Cloud Migration Alert: Please refer to known issues you may encounter in Confluence Cloud: https://eitdocs.atlassian.net/wiki/x/wDGwAQ