Configuration of TLS settings

Intelligent Adaptive Authentication uses the Transport Layer Security (TLS) protocol. Ensure to observe the following requirements for your integration of Intelligent Adaptive Authentication.

The correct TLS settings must be provided on the certificate handshakes.

Supported TLS versions

The Intelligent Adaptive Authentication endpoints support the following TLS versions:

  • TLS 1.2
  • TLS 1.3

When you connect to Intelligent Adaptive Authentication, you must use one of these TLS versions!

Supported cipher suites

For the different TLS versions, the Intelligent Adaptive Authentication endpoints support the following TLS cipher suites:

  • TLS 1.2
    • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
    • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
  • TLS 1.3
    • TLS_AES_256_GCM_SHA384
    • TLS_CHACHA20_POLY1305_SHA256
    • TLS_AES_128_GCM_SHA256

When you connect to Intelligent Adaptive Authentication, you must use one of these TLS cipher suites!

Server Name Indication

You must support Server Name Indication (SNI) when communicating with Intelligent Adaptive Authentication endpoints. SNI is an extension of the TLS protocol that enables a client to specify the domain name it is trying to reach.