• Votes

    1

    REST-API Allow other authentication methods for "Destroy endpount"

    Today it is only possible to use PASSWORD:1 for Destroy Endpoint. We would like to have the ability to use other Methods like, LDAP_PASSWORD:1, TOTP:1, HOTP:1 etc.

  • Votes

    4

    Check if firewall ports are open

    We would prefer an Option to check if needed Firewall Ports are open. In our opinion this check-up can be located in the Management Consol of AAF. Additionally there ...

  • Votes

    1

    Enable user exception group list in Geo-Fencing

    For example for “Singapore” & “Malaysia” group = user1, user2, user3, but for “China” group = user1 only & user2, user3 is deny access.

  • Votes

    3

    Method: Password Policy

    An Option to set different Password Policy for each user Group, if the Password set as a chain from MFA such as Pin + OTP. We want able to set for the UserGroups a Simple ...

  • Votes

    2

    messagebird

    The AAF 6.2 product contains an SMS TOTP method preconfigured for MessageBird. Which is great. However, the method uses the "OLD HTTP-API_v1" as MessageBird refers to ...

  • Votes

    4

    Don't include Smartphone enrollments as part of backed up app data for ...

    This behavior was observed when a user migrated from an older iPhone to a new iPhone but may also apply to Android devices. Current situation: The Smartphone enrollments ...

  • Votes

    3

    Allow multifactor when enrolling smartphone via /smartphone/enroll url ...

    As an Administrator of AAf, admin should be able to add MFA for direct smartphone enrollment url as well. Currently, the product (AAf 6.2) support direct smartphone ...

  • Votes

    1

    Retrieve and accept user names in different format

    Some applications/systems use naming schema different then simple username. Good example might be FUDO running in "bastion" mode. In that case username consists of two ...

  • Votes

    2

    Radius only return the CN from the group name

    Some customers have trouble with specific VPN Solutions from Cisco or Watchguard. Because with this tools it seems that there is a limitation for the group name field (as ...

  • Votes

    5

    Support for Configuring SMS Sender Policy Using a JSON Body or CURL ...

    Currently when configuring the SMS Sender policy we only support submitting parameters in the http request URL. I was working with a customer that uses Avaya as their ...

  • Votes

    2

    Offline mode: Allow computer to fail open

    Currently: If a user is offline, and if he has lost/broken one authenticator (if 2FA deployed with 'something you know' + 'something you have'), he can't login to his ...

  • Votes

    4

    Deleting a Smartphone authenticator in the NetIQ app deletes the ...

    Current situation: If you delete a Smartphone authenticator from the Self-Service portal/server-side, the Smartphone authenticator on your NetIQ app is deleted. However, ...

  • Votes

    3

    More descriptive confirmation message when deleting OTP token

    Current situation: When hitting delete on an OTP token, the confirmation dialog "Do you want to continue?" shows. From there you hit either OK or CANCEL. Desired ...

  • Votes

    5

    Syslog messages for failed attempts to AdminUI and Helpdesk events due ...

    Current situation: Today, when a user attempts to login to the AdminUI and authenticates successfully but does not have the proper authorization (i.e. does not have the ...

  • Votes

    2

    AAF Desktop OTP tool improvements / new requirements

    I have a customer in South Africa that is very interested in the functionality provided by the Desktop OTP tool but, AS IS, the Desktop OTP tool poses critical challenges ...

  • Votes

    1

    Allow a "Recycle" button on Card Search

    Customer has people that provide and receive temp badges. They would like a quick and easy way to un-associate a card from a user in a single click. I do have a mock up ...

  • Votes

    1

    REPOSITORY - Other - AD

    Customer has NETBIOS disabled. Cannot create AD Repo, we used "Other" and have to change each attribute to match AD. Possibly create Other - AD that has all the correct ...

  • Votes

    3

    Share smartphone method between accounts

    Like PIN, HOTP, U2F, and others, we would like to be able to share the smartphone method from one account to another.

  • Votes

    3

    Share secret questions between accounts

    Like PIN, HOTP, U2F, and others, we would like to be able to share secret questions from one account to another.

  • Votes

    5

    Ability to authenticate trough RADIUS if LDAP Passwor dis expired

    Please provide an option to allow authentication trough RADIUS if LDAP Password is expired. Today: It is not possible to authenticate trough the radius event with a ...