Configure consent to device registration

Consent-based device registration is the process of registering the device fingerprint only after the user consents to the device registration.

The settings of the consent to device registration mechanism specify:

• Whether to set the authentication level of the user's credential when the consent to device registration is completed.
• The value to be used to set the authentication level. The authentication level on the credential is used to represent the strength of the authentication used to generate the credential.

By default, the authentication level is not set by the consent to device registration operation. Use this task to enable setting the authentication level on the user credential. When the authentication level is set, it can be evaluated as part of an access control policy or by the policy enforcement point to grant access to a resource that requires a specific authentication level .

Steps

1. Log in to the local management interface.
2. Click AAC.
3. Under Policy, click Authentication.
4. Click Mechanisms.
5. Click Consent to device registration.
6. Click .
7. Click the Properties tab.
   1. Select a property that we want to configure.
   2. Click .
   3. Enter the value for that property.
   4. Click OK.

8. Take note of the properties for the mechanism.

   Set Authentication Level Credential Attribute

   Enables the consent to device registration authentication to set the authentication level on the session.

   Data type: Boolean

   Default: False.

   Authentication Level Credential Attribute Value

   The authentication level value to be used when the consent to device registration is configured to set the authentication level.

   Data type: Integer.

   Default: 2.

9. Click Save.

What to do next

When we configure the mechanism, a message indicates that changes are not deployed. Deploy changes when you are finished. For more information, see Deploying pending changes.

Parent topic: Authentication