Tools4ever adds RADIUS support to it's Cloud-Based Single Sign-On (SSO) Solution
Tools4ever is proud to announce the addition of RADIUS support to its Cloud-Based Single Sign-On (SSO) solution, HelloID.
RADIUS support extends HelloID’s existing Multi-Factor Authentication (MFA) functionality to connect to any One-Time Password (OTP) client.
RADIUS (Remote Authentication Dial-In User Service) is a client/server protocol traditionally used to provide a remote authentication and authorization method for end users that verifies credentials against Active Directory (AD) to grant more-secure access to a Local Access Network (LAN). HelloID’s incorporation of RADIUS uses its functionality to support broader OTP usage for more-secure MFA during user authentication. Because RADIUS is already a commonly adopted technology, this functionality is immediately available to any organization who already has RADIUS-enabled servers.
When accessing the HelloID portal with RADIUS enabled, a user will be authenticated according to the configured Access Policies (time of day, acceptable IP address, acceptable geographic location, etc.), the prompted input and verification of AD credentials via the HelloID agent, and then prompted input and verification of an OTP via the RADIUS Client. Any desired OTP client is configured within HelloID’s management dashboard and will display the user’s given OTP – commonly valid for 30 seconds and typically via a smartphone app. The RADIUS client connects to any configured LAN or cloud-hosted RADIUS server to verify the entered username and OTP. Because a user’s AD credentials are verified via the HelloID agent, the RADIUS client does not connect to AD in this process and is only used to verify OTPs. Authenticated according to their AD credentials and given OTP, a user will be granted access to their applications and resources that are managed through HelloID.
To configure RADIUS functionality within HelloID, a logged-in Administrator will now have “RADIUS Servers” as an option underneath the “Security” heading, where they can add, edit, configure, or delete servers. Under “Login Access Rules”, the specific type of MFA can be set to verify OTPs via RADIUS or another Authenticator.