One Identity Starling Two-Factor Authentication. Administration Guide

Similar documents
One Identity Starling Two-Factor Authentication. Administrator Guide

One Identity Starling Two-Factor Desktop Login 1.0. Administration Guide

One Identity Password Manager User Guide

One Identity Starling Two-Factor HTTP Module 2.1. Administration Guide

One Identity Starling Two-Factor Authentication

One Identity Starling Two-Factor AD FS Adapter 6.0. Administrator Guide

Cloud Access Manager How to Deploy Cloud Access Manager in a Virtual Private Cloud

EAM Portal User's Guide

One Identity Quick Connect Express

One Identity Active Roles 7.2

One Identity Active Roles 7.2. Management Pack Technical Description

One Identity Starling Identity Analytics & Risk Intelligence. User Guide

Spotlight on SQL Server Enterprise Spotlight Management Pack for SCOM

One Identity Active Roles Diagnostic Tools 1.2.0

Cloud Access Manager SonicWALL Integration Overview

Spotlight Management Pack for SCOM. User Guide

One Identity Defender 5.9. Product Overview

Authentication Manager Self Service Password Request Administrator s Guide

The Privileged Appliance and Modules (TPAM) 1.0. Diagnostics and Troubleshooting Guide

One Identity Active Roles 7.2. Replication: Best Practices and Troubleshooting Guide

Cloud Access Manager How to Configure for SSO to SAP NetWeaver using SAML 2.0

Rapid Recovery License Portal Version User Guide

Authentication Services ActiveRoles Integration Pack 2.1.x. Administration Guide

Quest Migration Manager Upgrade Guide

Metalogix Archive Manager for Files 8.0. IIS Installation

KACE GO Mobile App 5.0. Getting Started Guide

The Privileged Appliance and Modules (TPAM) Approver Guide

Quest Recovery Manager for Active Directory 9.0. Quick Start Guide

One Identity Management Console for Unix 2.5.1

Quest Migration Manager for Exchange Granular Account Permissions for Exchange 2010 to 2013 Migration

Quest Migration Manager for Exchange Resource Kit User Guide

One Identity Active Roles 7.2. Azure AD and Office 365 Management Administrator Guide

Quest Unified Communications Diagnostics Data Recorder User Guide

Quest Migrator for Notes to Exchange SSDM User Guide

Metalogix Intelligent Migration. Installation Guide

Dell Secure Mobile Access Connect Tunnel Service User Guide

About One Identity Quick Connect for Base Systems 2.4.0

Quest Migration Manager for Exchange Granular Account Permissions for Exchange 2010 to 2010 Migration

KACE GO Mobile App 5.0. Release Notes

Quest Code Tester for Oracle 3.1. Installation and Configuration Guide

KACE GO Mobile App 3.1. Release Notes

Cloud Access Manager Overview

Quest Recovery Manager for Active Directory Forest Edition 9.0. Quick Start Guide

One Identity Manager 8.0. IT Shop Administration Guide

One Identity Active Roles 7.2. Configuration Transfer Wizard Administrator Guide

SQL Optimizer for Oracle Installation Guide

Quest InTrust InTrust Events

SQL Optimizer for IBM DB2 LUW 4.3.1

Setting up Quest QoreStor as an RDA Backup Target for NetVault Backup. Technical White Paper

Quest InTrust Objects Created and Used by InTrust

Dell Statistica. Statistica Enterprise Server Installation Instructions

KACE GO Mobile App 4.0. Release Notes

About Toad for Oracle 2017 Editions 2. Product release notes 4. Installation 5

Quest Knowledge Portal 2.9

Quest One Password Manager

Cloud Access Manager How to Configure Microsoft Office 365

Setting up the DR Series System on Acronis Backup & Recovery v11.5. Technical White Paper

Toad Intelligence Central 3.3 New in This Release

Toad DevOps Toolkit 1.0

One Identity Active Roles 7.2. Web Interface User Guide

One Identity Manager Data Archiving Administration Guide

MySonicWall Secure Upgrade Plus

One Identity Manager 8.0. Administration Guide for Connecting to Azure Active Directory

One Identity Password Manager 5.7.1

TPAM Security Product Client for Windows Security Product Client for Windows Guide

One Identity Authentication Services Defender Integration Guide

Quest VROOM Quick Setup Guide for Quest Rapid Recovery and Foglight Windows Installers

Setting up the DR Series System with vranger. Technical White Paper

One Identity Quick Connect for Base Systems 2.4. Administrator Guide

Metalogix ControlPoint 7.6. for Office 365 Installation Guide

Quest VROOM Quick Setup Guide for Quest Rapid Recovery and Foglight Windows Installers

One Identity Manager 8.0. Target System Base Module Administration Guide

Dell One Identity Cloud Access Manager 8.0. Overview

One Identity Manager 8.0. Administration Guide for Connecting to a Universal Cloud Interface

Toad Edge 2.0 Preview

Cloud Access Manager How to Configure Microsoft SharePoint

One Identity Manager 8.0. Data Archiving Administration Guide

SonicWall Mobile Connect for Chrome OS

Metalogix Essentials for Office Creating a Backup

About One Identity Quick Connect for Cloud Services Release Notes

Metalogix StoragePoint 5.7. Release Notes

Dell GPOADmin 5.7. About Dell GPOADmin 5.7. New features. Release Notes. December 2013

One Identity Manager Administration Guide for Connecting to SharePoint

Setting Up Quest QoreStor as a Commvault Backup Target. Technical White Paper

1.0. Quest Enterprise Reporter Discovery Manager USER GUIDE

One Identity Active Roles 7.2. Web Interface Administrator Guide

One Identity Manager Administration Guide for Connecting to SharePoint Online

Quest VROOM Quick Setup Guide for Quest Rapid Recovery for Windows and Quest Foglight vapp Installers

Toad Edge Installation Guide

One Identity Safeguard for Privileged Sessions 5.9. Remote Desktop Protocol Scenarios

LiteSpeed for SQL Server 6.1. Configure Log Shipping

One Identity Manager 8.0. Administration Guide for Connecting Unix-Based Target Systems

Setting Up Quest QoreStor with Veeam Backup & Replication. Technical White Paper

One Identity Password Manager 5.8.0

Quest Migration Manager for Active Directory Cached Credentials Utility Administrator Guide

Quest VROOM Quick Setup Guide for Quest Rapid Recovery for Windows and Quest Foglight vapp Installers

Dell Change Auditor 6.5. Event Reference Guide

One Identity Manager 8.0. Administration Guide for Connecting to Cloud Applications

Quest Client Profile Updating Utility 5.7

One Identity Manager Administration Guide for Connecting Oracle E-Business Suite

Transcription:

One Identity Starling Two-Factor Authentication

Copyright 2018 One Identity LLC. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in this guide is furnished under a software license or nondisclosure agreement. This software may be used or copied only in accordance with the terms of the applicable agreement. No part of this guide may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying and recording for any purpose other than the purchaser s personal use without the written permission of One Identity LLC. The information in this document is provided in connection with One Identity products. No license, express or implied, by estoppel or otherwise, to any intellectual property right is granted by this document or in connection with the sale of One Identity LLC products. EXCEPT AS SET FORTH IN THE TERMS AND CONDITIONS AS SPECIFIED IN THE LICENSE AGREEMENT FOR THIS PRODUCT, ONE IDENTITY ASSUMES NO LIABILITY WHATSOEVER AND DISCLAIMS ANY EXPRESS, IMPLIED OR STATUTORY WARRANTY RELATING TO ITS PRODUCTS INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON- INFRINGEMENT. IN NO EVENT SHALL ONE IDENTITY BE LIABLE FOR ANY DIRECT, INDIRECT, CONSEQUENTIAL, PUNITIVE, SPECIAL OR INCIDENTAL DAMAGES (INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF PROFITS, BUSINESS INTERRUPTION OR LOSS OF INFORMATION) ARISING OUT OF THE USE OR INABILITY TO USE THIS DOCUMENT, EVEN IF ONE IDENTITY HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. One Identity make no representations or warranties with respect to the accuracy or completeness of the contents of this document and reserves the right to make changes to specifications and product descriptions at any time without notice. One Identity do not make any commitment to update the information contained in this document. If you have any questions regarding your potential use of this material, contact: One Identity LLC. Attn: LEGAL Dept 4 Polaris Way Aliso Viejo, CA 92656 Refer to our Web site (http://www.oneidentity.com) for regional and international office information. Patents One Identity is proud of our advanced technology. Patents and pending patents may apply to this product. For the most current information about applicable patents for this product, please visit our website at http://www.oneidentity.com/legal/patents.aspx. Trademarks One Identity and the One Identity logo are trademarks and registered trademarks of One Identity LLC. in the U.S.A. and other countries. For a complete list of One Identity trademarks, please visit our website at www.oneidentity.com/legal. All other trademarks are the property of their respective owners. Legend WARNING: A WARNING icon indicates a potential for property damage, personal injury, or death. CAUTION: A CAUTION icon indicates potential damage to hardware or loss of data if instructions are not followed. IMPORTANT, NOTE, TIP, MOBILE, or VIDEO: An information icon indicates supporting information. Updated - August 2018

Contents What you can do with One Identity 4 Logging in to dashboard 5 Managing subscription 6 Stand-alone Subscription 6 One Identity Hybrid Subscription 6 Service usage statistics 6 License details 7 Subscription details 7 Subscription key 8 Managing collaborators 9 Managing approvals 11 Managing user accounts 12 Customizing settings 13 Customizing user authentication 13 Customizing token UI 13 Starling 2FA application 15 About us 16 Contacting us 16 Technical support resources 16 3

1 What you can do with One Identity If your organization wants to enable two-factor authentication on a product, you can purchase subscription. When your organization purchases the subscription, a subscription gets created and you receive an invitation to access Dashboard. To configure in your product, you have to provide the subscription key that is available on the Dashboard or, join your product to a Starling account. For more information on configuring Starling Two- Factor Authentication in your product, see the relevant section in the documentation set of your product. On Dashboard, you can do the following: Add or delete collaborators (Administrators and Helpdesk users) Manage the user status of the service Monitor the service usage statistics View the license details and subscription details View and change the subscription key Modify the user authentication settings Customize the token appearance on the Starling 2FA app What you can do with One Identity Starling Two-Factor Authentication 4

2 Logging in to Starling Two-Factor Authentication dashboard To log in to the dashboard: 1. Log in to Starling account. If you are logging in to the Starling account for the first time, do one of the following: If you have a Starling account, when a subscription is created for you, you will receive a Starling invitation email. Click the link in the email and log in to the Starling account. If you do not have a Starling account, when a subscription is created for you, you will get a Starling Sign-up email to complete a registration process to create a Starling account. Complete the registration and log in using the credentials that you have provided during registration. For account creation details, see the One Identity Starling User Guide. 2. Under My Services, click Two-Factor Authentication. Dashboard is displayed. Logging in to dashboard 5

3 Managing subscription The Dashboard tab displays the details of service usage statistics for the current month, license details, subscription details and the subscription key. These details help in tracking and managing the subscription. Starling 2FA services can be used either by joining a client product to Starling using the Join functionality or, by using a subscription key. This depends on the version of the client product that is being used. NOTE: Please refer the appropriate version of the client product documentation, for the configuration steps. Stand-alone Subscription Customers can buy stand-alone subscriptions depending on the number of user licenses required. Number of users using the services is dependent on the number of licenses purchased. One Identity Hybrid Subscription Customers using other One Identity products can use Hybrid subscription, to subscribe to Starling 2FA services. Contact your sales representative for more information. Service usage statistics Service usage statistics section displays the details of the service usage for the current month such as number of users using the service, phone calls, SMS and authentications. It also provides a graphical representation of the service usage. Managing subscription 6

License details License details related to both the subscriptions (stand-alone and hybrid) are detailed below. Stand-Alone Subscription Different parameters related to stand-alone subscription are mentioned in the table below. ITEM NAME Licensed users Consumed user licenses Created Expires TOOLTIP TEXT Number of users licensed under your stand-alone subscription. Number of consumed user licenses under your stand-alone subscription. If you have purchased a hybrid subscription, this value may be initially inaccurate and will be automatically updated as your users start using the hybrid subscription. Creation date of your stand-alone subscription. Expiration date of your stand-alone subscription. If you have an active hybrid subscription you can use it, once your standalone subscription expires. Hybrid If you have a valid standalone subscription, set to NO. subscription One Identity Hybrid Subscription Different parameters related to hybrid subscription are mentioned in the table below. ITEM NAME Hybrid subscription Hybrid subscription expires Hybrid subscription users License Status TOOLTIP TEXT Indicates whether you have purchased a hybrid subscription. Expiration date of your hybrid subscription. If you have an active standalone subscription you can continue to use it once your hybrid subscription expires. Number of users using Starling 2FA as part of the hybrid subscription. Indicates whether the license is valid or invalid Subscription details Subscription details section displays the Subscription Id and Subscription name. Managing subscription 7

Subscription key Subscription key section displays the subscription key allotted to you when a new subscription is created for you. You can use this key to configure your software that uses. If the subscription key is used by unauthorized users or used inappropriately, the Administrator can change the subscription key. After the new key is created, the current key will be valid only for next 24 hours. Managing subscription 8

4 Managing collaborators The Collaborators tab displays all the collaborators and their roles assigned by the Administrators. Collaborators are users who are assigned with certain roles. They manage the administrative and general tasks in. Collaborators can log in to Dashboard and perform the tasks as per the roles assigned to them. Collaborators are categorized into three: Helpdesk user, Administrator, and Primary Administrator. A Helpdesk user performs general tasks, whereas Administrators and Primary Administrators perform administrative tasks. The tasks initiated by an Administrator require approval from at least one other Administrator. Any Administrator other than the one who initiated the action can approve or cancel a request. The Administrator who initiated the action can resend the approval email. A Primary Administrator can perform the tasks of a Helpdesk user and Administrator without any approval. The administrator can add a collaborator by performing the below procedure: 1. From the Collaborators page, click Add. The Add Collaborators dialog box opens. 2. Select a value from the Role drop-down menu. 3. Enter appropriate values in the following fields: First Name Last Name Email ID 4. Click Add. An invitation is sent as an email to the mentioned email ID if the Starling account is not present. Invited collaborators are marked as Invited in the Collaborators page. NOTE: You can cancel or resend an invitation that was sent to an invited collaborator from the Collaborators page. The following table lists the various tasks that each collaborator role can perform. Managing collaborators 9

Table 1: Collaborator roles and tasks Tasks Helpdesk user Administrator Primary Administrator Log in to Dashboard Yes Yes Yes Create, manage, and delete users, who use two-factor authentication Run health check for the Starling 2FA app installed on the user s device Yes Yes Yes Yes Yes Yes Generate temporary response code Yes Yes Yes View and change subscription key No Yes Yes Add new Administrators and Helpdesk users No Yes Yes Delete Administrator and Helpdesk users No Yes Yes Change the role No Yes Yes Change subscription settings No Yes Yes Managing collaborators 10

5 Managing approvals The Approvals tab displays all the approval requests received from other Administrators for administrative actions that require an approval from another Administrator. In such cases, the Administrators receive an approval email or receive an approval link in the Approvals tab. To complete an approval for an administrative action, do one of the following: Click the link in the approval email and approve the action. Access the Approvals section on the Dashboard and approve or cancel the request. Managing approvals 11

6 Managing user accounts The Users tab displays all the users who have subscribed for Starling Two-Factor Authentication for two-factor authentication. You can manage the user accounts by performing the following user management tasks: Creating new user account: When a new user requires two-factor authentication security for his application, you can click Add and create a new user account. The user account must be created checking the license capacity of the subscription. Disabling and enabling the user account: When a user s phone is lost or is defective, you can click Disable and disable the user account as a security measure. When the phone is available and functional, you can click Enable and activate the disabled account. Deleting and restoring the user account: When a user is not using Starling Two- Factor Authentication, you can click Delete to delete the user account. When you delete a user, the account is immediately suspended and marked for deletion. Except Restore option, all other options are not available for the deleted users. You can click Restore and restore the user account from the Users pane in the 2FA Dashboard within 30 days period. After 30 days, the account is permanently deleted. Generating a temporary response code: When a user s phone is inaccessible, you can click Temporary response and provide the user a temporary response code for two-factor authentication. The code is valid for 15 minutes. Performing heath check: You can click Health check and verify whether the Starling 2FA app on the user s device is working properly or not. Displaying list of users: Select an option from the State drop-down menu. Click one of these options All, Active, Disabled, or Deleted to display list of users for the respective category. Managing user accounts 12

7 Customizing settings The Settings tab displays all the user authentication settings and the options to customize the token UI. You can set the User authentication settings and customize the token UI as per the requirement. Customizing user authentication The General tab displays the options to configure user authentication methods and to send installation instructions to install Starling 2FA app for authentication. If the Installation instructions option is set to ON, when a new user is added to the subscription, the user receives an SMS with instructions to install Starling 2FA app. You can configure the required methods for two-factor authentication on this tab. The following are the available options: Push notifications SMS Phone call NOTE: If the option is already enabled, it is not displayed. If the option is not enabled, you can enable it. If enabled, you cannot disable the option. Interactive phone calls To enable an option, set the option to ON. Customizing token UI The Token UI tab allows you to customize the appearance of the token user interface on Starling 2FA app. You can customize the images for main logo, menu logo and specify Customizing settings 13

colors for the token. NOTE: The logo images must be in PNG format and the file size must not exceed 128 KB. The dimensions of main logo must not exceed 588 X 214 pixels. The dimensions of menu logo must not exceed 81 X 81 pixels. You can also configure a token name to display on the Starling 2FA app. By default, Starling 2FA is displayed as the token name on the app. You can set a token name which is not more that 30 characters in the Token name field. When the customization is complete, the Starling 2FA app reflects the changes made on the Dashboard. Customizing settings 14

Starling 2FA application Starling 2FA application, for mobile and Chrome store is used to generate one-time passwords (OTP) and receive push notification requests. The Starling 2FA application is available for the following platforms: For Chrome: https://chrome.google.com/webstore/detail/starling- 2fa/khnikiidjicifceeiommikcipipmcngk For Android https://play.google.com/store/apps/details?id=com.starling.twofactor For ios: https://itunes.apple.com/app/starling-2fa/id1205700916 When users install the app, they register with a mobile phone number that serves as their unique ID. Users can install the app on different devices and register with the same phone number in order to be able to have a backup device in case the primary device is inaccessible. To generate OTP through Starling 2FA application: 1. If the user is provisioned in a Starling 2FA subscriptions they will see the token for that subscription in the app. Click the token to get the token response. 2. The users must copy the token response to log-in to the client application. Use push notifications: The user can either approve or deny a push notification request from Starling 2FA application. Starling 2FA application 15

About us About us Contacting us For sales or other inquiries, visit https://www.oneidentity.com/company/contact-us.aspx or call +1-800-306-9329. Technical support resources Technical support is available to One Identity customers with a valid maintenance contract and customers who have trial versions. You can access the Support Portal at https://support.oneidentity.com/. The Support Portal provides self-help tools you can use to solve problems quickly and independently, 24 hours a day, 365 days a year. The Support Portal enables you to: Submit and manage a Service Request View Knowledge Base articles Sign up for product notifications Download software and technical documentation View how-to-videos Engage in community discussions Chat with support engineers online View services to assist you with your product About us 16

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback