Active Roles Community

Forum Enforce multifactor authentication for logging into ActiveRoles web interface

State Not Answered
Replies 4 replies
Subscribers 63 subscribers
Views 897 views
Users 0 members are here

Options

Related

Enforce multifactor authentication for logging into ActiveRoles web interface

kvogel over 1 year ago

How do you enforce MFA for logging into the ActiveRoles web interface?

Top Replies

jody gilbert over 1 year ago +1

We implemented AzureAD authentication for this and used conditional access to enforce MFA.
jody gilbert over 1 year ago in reply to Aidar.Karabalaev +1

As long as the client has internet access, using Azure AD should work as the server doesn't need access to Azure AD for SAML authentication to work.

If AzureAD or another public idp isn't available…

0 jody gilbert over 1 year ago

We implemented AzureAD authentication for this and used conditional access to enforce MFA.
Cancel
Up +1 Down

Reply

Verify Answer

Cancel
0 Aidar.Karabalaev over 1 year ago

Note, that customer might use ARS (a) in INTRANET-ONLY, and (b) HelpDesk team uses their onprem-AD\admin-jsmith like accounts (without O365 email and, therefore, no MFA). Assuming ARS does not bridge directly to AAD/O365 and the only MSFT AADConnect does the bridge AD/EX<-->AAD/O365.
Cancel
Up 0 Down

Reply

Verify Answer

Cancel
0 jody gilbert over 1 year ago in reply to Aidar.Karabalaev

As long as the client has internet access, using Azure AD should work as the server doesn't need access to Azure AD for SAML authentication to work.

If AzureAD or another public idp isn't available, another option is to use ADFS instead.
Cancel
Up +1 Down

Reply

Verify Answer

Cancel
0 kvogel 11 months ago in reply to jody gilbert

AzureAD is available.
Cancel
Up -1 Down

Reply

Verify Answer

Cancel