Policy settings

Policy settings can be configured via the Administration Web Interface:

• General policy settings, such as:

  • Whether local authentication requires an OTP generated by an authenticator or whether a password (or both) is required (see Local authentication)
  • Whether back-end authentication is to be used, and if so the back-end protocol, e.g. RADIUS, NetIQ eDirectory, or Microsoft Active Directory (see Back-end authentication)
• User policy settings, such as whether Dynamic User Registration is permitted, Password Autolearn, and Stored Password Proxy (see Dynamic User Registration (DUR)  and Authentication without authenticators)
• Authenticator policy settings, such as whether auto-assignment or self-assignment is possible and the grace period (see Authentication without authenticators)
• Application settings for one-step and two-step Challenge/Response authentication, for Virtual Mobile Authenticator, and backup Virtual Mobile Authenticator
• Policy settings for Digipass Authentication for Windows Logon, e.g. offline authentication settings (see Digipass Authentication for Windows Logon )

Some policy properties can be overruled on the user level (see User-specific authentication policy overrides). For more information about all configurable policy settings, refer to the OneSpan Authentication Server Administrator Reference.