Configure an HTTP redirect authentication mechanism

The HTTP redirect authentication mechanism integrates an external application. The application...

When we are using the HTTP Redirect Authentication Mechanism the value for 'Redirect URL' redirects the end user to an application that eventually performs an EAI Authentication. To this effect, the application should have an associated EAI Trigger URL in the ISAM configuration file. The EAI Application should also return an attribute with a name matching the HTTP Redirect Authentication Mechanism property 'Success Credential Attribute Name'. The value of that credential attribute must match the configured value in the property Success Credential Attribute Value to indicate the redirected authentication mechanism is successful. When we are redirecting to the External Application, the HTTP Redirect Authenticaton mechanism includes a Query Parameter of ReturnURL. This must be provided back to Verify Access as the am-eai-redir-url to redirect back to the authentication mechanism for validation the credential attribute is added as expected.

Steps

  1. Log in to the local management interface and and set property values...

      AAC > Policy > Authentication > Mechanisms > HTTP Redirect Authentication > Modify Modify > Properties tab > property > Modify Modify

  2. Take note of the properties for the mechanism.

      Redirect URL
      The URL to the external authentication application.
      Data type: String

      Success Credential Attribute Name
      The credential attribute name that verifies successful authentication.
      Data type: String
      Default: httpRedirectAuthCompleted.

      Success Credential Attribute Value
      The credential attribute value that verifies successful authentication.
      Data type: String
      Default: true.

  3. Click Save.


What to do next

When configuring the mechanism, a message indicates that changes are not deployed. When you finish the changes, deploy them. For information, see Deploying pending changes.

Parent topic: Authentication