Client component types

SOAP client programs

SOAP client programs are not called 'SOAP clients'. The program itself specifies the type as a parameter to each request. A client component record must exist for this type at the network location (IP address) where the application runs. The policy in the component record will be used when processing all requests from that client.

Administration Program

Creating an Administration Program component record for a OneSpan administration program (e.g. Administration Web Interface or Audit Viewer) allows a policy to be set for connections from that program.

A component record must exist for each Administration Web Interface or any other administration program that uses SOAP and SEAL.

For the OneSpan Authentication Server SEAL interface, the SEAL > Require Administration Client Component Registration setting determines whether an administration program component must be provided for each Tcl Command-Line Administration tool application and Audit Viewer instance using live audit.

IDENTIKEY User Websites

IDENTIKEY User Websites is a pre-defined SOAP-based client component used for OneSpan User Websites clients. The client component record will be verified whenever the OneSpan User Websites client sends request to OneSpan Authentication Server.

One client component record must exist for each OneSpan User Websites client installed at different network locations (IP address). Each client component record requires a valid license key.

RADIUS Client

A RADIUS client component record is required when clients will be sending authentication requests to OneSpan Authentication Server using the RADIUS protocol. The OneSpan Authentication Server will use the component record to find:

  • The shared secret to use for communication with the RADIUS client.
  • The policy to apply to the authentication request.

A default RADIUS client component record is automatically created during installation of OneSpan Authentication Server. This default record can be deleted and replaced by specific records for each required location.

The default RADIUS client created during installation will be given a shared secret by default.

Digipass Authentication Module clients

A component record is required for any Digipass Authentication Module used with OneSpan Authentication Server. The component record will be used whenever the Digipass Authentication Module sends an authentication request to OneSpan Authentication Server. OneSpan Authentication Server verifies:

  • That the component record contains a valid license key for a client module.
  • Which policy to apply to the authentication request.

The following client types fall into this category:

  • Citrix Storefront. Used for Digipass Authentication for Citrix StoreFront.
  • IIS Module. Used for Digipass Authentication for IIS Basic.
  • Microsoft ADFS. Used for Digipass Authentication for Microsoft ADFS.
  • Outlook Web Access. Used for Digipass Authentication for OWA Basic and Digipass Authentication for OWA Forms.
  • Windows Remote Desktop Web. Used for Digipass Authentication for Remote Desktop Web Access.

DIGIPASS Authentication for Windows Logon

DIGIPASS Authentication for Windows Logon is a pre-defined SOAP-based client component used for Digipass Authentication for Windows Logon 2.x and later. Client component records of this type require a valid client component license.

Client component records of this type are required for all client IP addresses used to log on to Windows via Digipass Authentication for Windows Logon. However, you can define client component records to cover IP address ranges instead of individual client component records for each individual IP address.