In the "MobileID/Time-Based" policy, there is a section called "OOBA-Push". Usually, you will only need to change the following options:

Enable OOBA (Out-of-Band Authentication)
Enables or disables Out-of-Band Authentication.
Registration Authentication
When a user attempts to register a device for OOBA, password authentication is required.
When the registration link has timed out, password authentication is required.
Registration Session Timeout
Defines the timeout period of the registration link.
Logon Request Timeout
Defines the timeout period of the logon request.
Local Authentication Method
Defines the local authentication method used to verify the user.
Enforce Local Authentication
If this option is enabled, users must be verified by the specified local authentication method in order to approve a push authentication request.
OOBA URL
In DualShield 6, OOBA registration and verification functions are provided by the DualShield SSO service. In a DualShield system with multiple DualShield SSO servers, e.g. one in the frontend and one in the backend, you must specify the SSO server to be used for OOBA by entering its FQDN in this entry.