

Adaptive authentication - Overview¶

This page guides you through setting up adaptive authentication for an application.

Prerequisites for adaptive authentication¶

You need to register a service provider on the Management Console.

Before you proceed

For JDK 17 runtime - Adaptive Authentication is disabled by default. You need to run adaptive.sh (adaptive.bat for Windows) in [IS-HOME]/bin

To enable adaptive authentication please proceed following instructions.

Stop the server if running
Run adaptive.sh (adaptive.bat for Windows) (eg: sh adaptive.sh)
Restart the server

To disable adaptive authentication please proceed following instructions.

Stop the server if running
Run adaptive.sh (adaptive.bat for Windows) with DISABLE parameter (eg: sh adaptive.sh DISABLE)
Restart the server

Add an adaptive authentication script¶

Make the following changes to the created service provider.

To add an authentication script to the service provider:

On the Management Console, go to Main > Identity > Service Providers.
Click List, select the service provider you want to configure, and click on the corresponding Edit link.
Expand Local and Outbound Authentication Configuration and click Advanced Configuration.

You can add authentication steps or use a template to configure adaptive authentication depending on your requirement.

If required, you can also use the script editor to introduce new functions and fields to an authentication script based on your requirement, and then engage the script to the service provider’s authentication step configuration.

Note

To learn about the functions and fields related to authentication scripts, see Adaptive Authentication JS API Reference.
To learn about the guidelines on writing custom functions for adaptive authentication, see Write Custom Functions for Adaptive Authentication.

A sample authentication script is shown below.

var onLoginRequest = function(context) {
    // Some possible initializations...
    executeStep(1, {
        onSuccess: function (context) {
            // Logic to execute if step 1 succeeded
            executeStep(2, {
                onSuccess: function (context){
                    // Logic to execute if step 2 succeeded
                },
                onFail: function (context){
                    // Logic to execute if step 2 failed
                }
            });
        }
        onFail: function(context){
            // Logic to execute if step 1 failed
            executeStep(3);
        }
    });
}

function someCommonFunction(context) {
    // Do some common things
}

Click Update to save changes.