Configure an Info Map authentication mechanism
Use this mechanism in the policy to return a template form and perform validation on the responding POST data. This mechanism is intended to work in conjunction with the Email Message mechanism.
The Info Map mechanism can be used to implement JavaScript authentication mechanisms. When this mechanism is invoked, the configured JavaScript mapping rule will be run.
- If the rule returns FALSE, then a page will be returned to the user. The JavaScript can also define which page to return or it can use a preconfigured page. The JavaScript can also populate any macros on the page and modify what is displayed to the user.
- If the rule returns TRUE, then the mechanism will return success and the policy will continue.
The following parameters are available in an Info Map mapping rule:
- Context
This is an authentication service context. It is identical to what is provided in the Authentication Service Credential mapping rule. For information about how to use the context, see the context attributes section of Authentication policy parameters and credentials.
Use the context to make changes to the credential and the values the Email Message mechanism will display.
- State
A state map used for the lifetime of this mechanism invocation. Each instance of this mechanism will have a new state map created per invocation of the policy. If the user invokes the policy again, the state map will be empty because the state map is discarded when the rule returns TRUE.
- Page
The path to the page to be returned. By default, this parameter is set to the value that is configured in the mechanism properties. It can be modified to return a different page.
- Macros
A map of macros that will be populated on the returned page.
- Success
Whether the rule execution was successful. This parameter is set to TRUE if the rule was successful and the policy will continue. It is set to FALSE if the rule was not successful and a page will be returned to a user.
Steps
- Log in to the local management interface.
- Click AAC.
- Under Policy, click Authentication.
- Click Mechanisms.
- Click Info Map Authentication.
- In the New Authentication Mechanism window, set the name and identifier of the mechanism on the General tab. If we are modifying an existing Info Map authentication mechanism instead of creating a new instance, values on the General tab cannot be changed.
- Click the Properties tab.
- Select a property to configure.
- Click Modify Property.
- Enter the value for that property.
- Template Page
- This property defines the HTML template page.
- Map Rule
- Select a mapping rule from the list. Only JavaScript mapping rules in the InfoMap category are displayed in the list for selection.
- Click OK.
- Repeat the previous steps as needed.
- Click Save.
What to do next
After we have configured the mechanism, a message that indicates the changes are not deployed will be displayed. Deploy the changes when we are finished. For information, see Deploying pending changes.
After deploying the changes, we can create policies that include this mechanism. For more information, see Create an authentication policy.
- Embedding reCAPTCHA verification in an Info Map mechanism
We can embed reCAPTCHA verification in Info Map mechanism instances.- Available parameters in Info Map
The following parameters are available in a mapping rule that is invoked by the Info Map authentication mechanism.- Embedded Cloud Identity API calls in an Info Map mechanism
We can embed Cloud Identity (CI) API calls in Info Map mechanism instances with a new client, CI Client. Configure a CI Server connection to make calls with the CI Client.
Parent topic: Authentication