Web Authentication Module Configurations
🎯 Purpose
Essential Web Authentication Module configurations that must be set during system setup for proper operation.
📋 Configuration Table
Module | Config Name | Description |
---|---|---|
Common-Config | app.agents.enabled.for.totp | Set this to the name of the appropriate AppAgent to enable TOTP authentication |
Auth Server | oidc.config.jwt.issuer.name | Specifies the issuer to use in JWT's "iss" claim |
Auth Server | whitelisted.rp.server.ips | The RP server IPs that are allowed to access the Web Authentication server's whitelisted URIs, e.g. the Access Token endpoint (the other endpoints/URIs are listed in the config auth.server.whitelisted.public.uris). Specify the RP server IPs in this configuration |
Auth Server | allowed.hostnames | Whitelists requests based on hostname. Specify the IP/domain on which the auth server application is available to users |
Auth Server | web.idv.server.bio.auth.uri | IDV Web Server URL for performing Server Side Biometric Authentication during the Account Recovery flow |
Auth Server | web.idv.server.registration.uri | IDV Web Server URL for performing IDV during the Account Recovery flow |
Auth Server | auth.level.default.attempt.counter | Sets the attempt counters for authentication as a comma-separated value, e.g. 5,5 (the first value is the attempt counter for the first factor and the second value is the attempt counter for the second factor) |
🔧 Configuration Steps
📋 Step-by-Step Configuration Process
- Access Gateway Management
  • Log in to the Gateway Management console
  • Access administrative configuration interface
- Navigate to Module Configuration
  • Go to Module Config Management screen
  • Access system configuration management
- Select Target Module
  • Select appropriate Module name from the table above
  • Focus on specific module configuration
- Find Configuration Parameter
  • Search for specific Config Name from the table
  • Locate the configuration parameter to modify
- Update Configuration Values
  • Update configuration values as required
  • Ensure values meet system and security requirements
- Apply Configuration Changes
  • Click "Restart Services" button
  • Apply changes to running system components
📊 Configuration Details
🔐 TOTP Authentication Configuration
- Module: Common-Config
- Parameter: app.agents.enabled.for.totp
- Purpose: Enable TOTP authentication functionality
- Value: AppAgent name that supports TOTP
🎯 JWT Issuer Configuration
- Module: Auth Server
- Parameter: oidc.config.jwt.issuer.name
- Purpose: Set JWT issuer claim value
- Impact: Affects JWT token validation
🛡️ IP Whitelisting Configuration
- Module: Auth Server
- Parameter: whitelisted.rp.server.ips
- Purpose: Control access to whitelisted endpoints
- Security: Restricts access to authorized RP servers
🌐 Hostname Whitelisting Configuration
- Module: Auth Server
- Parameter: allowed.hostnames
- Purpose: Whitelist requests based on hostnames
- Value: IP/domain where auth server is available
🆔 IDV Server Configuration
- Biometric Auth: web.idv.server.bio.auth.uri
- IDV Registration: web.idv.server.registration.uri
- Purpose: Configure IDV server endpoints for account recovery
🔢 Attempt Counter Configuration
- Module: Auth Server
- Parameter: auth.level.default.attempt.counter
- Format: Comma-separated values (e.g., "5,5")
- Values: First factor attempts, Second factor attempts
⚠️ Important Notes
- Service Restart: Configuration changes require service restart
- System Impact: Changes affect authentication behaviour
- Testing: Validate configuration changes in test environment
- Documentation: Maintain configuration documentation for reference
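A pre-restart check for three of the settings above, as an added example that is not part of the product or its documentation. It assumes multi-value settings are comma-separated and that whitelisted.rp.server.ips holds single addresses rather than ranges; the function names and sample values are hypothetical.

```python
import ipaddress
import re
# RFC 1123 hostname label: letters, digits, hyphens, no leading/trailing hyphen.
LABEL = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")

def split_list(value):
    # Assumption: multi-value settings are comma-separated.
    return [item.strip() for item in value.split(",") if item.strip()]

def is_ip(text):
    try:
        ipaddress.ip_address(text)
        return True
    except ValueError:
        return False

def validate(config):
    """Return a list of problems found in the settings described on this page."""
    problems = []
    # Page format: "first,second", e.g. "5,5". Assumption: 0 is treated as a mistake.
    key = "auth.level.default.attempt.counter"
    parts = [p.strip() for p in config.get(key, "").split(",")]
    if len(parts) != 2 or not all(re.fullmatch(r"[1-9][0-9]*", p) for p in parts):
        problems.append(f"{key}: expected two positive integers such as '5,5'")
    # Assumption: each entry is one address; ranges and 0.0.0.0 are rejected.
    key = "whitelisted.rp.server.ips"
    ips = split_list(config.get(key, ""))
    if not ips:
        problems.append(f"{key}: no RP server IP configured")
    for entry in ips:
        if not is_ip(entry):
            problems.append(f"{key}: '{entry}' is not a single IP address")
        elif ipaddress.ip_address(entry).is_unspecified:
            problems.append(f"{key}: '{entry}' does not identify one RP server")
    # The page allows an IP or a domain here; wildcards fail the label check.
    key = "allowed.hostnames"
    hosts = split_list(config.get(key, ""))
    if not hosts:
        problems.append(f"{key}: no hostname configured")
    for entry in hosts:
        dns_ok = len(entry) <= 253 and all(LABEL.fullmatch(l) for l in entry.split("."))
        if not is_ip(entry) and not dns_ok:
            problems.append(f"{key}: '{entry}' is not an IP address or DNS name")
    return problems

# Constructed sample values (documentation ranges), not from a real deployment.
SAMPLE = {"auth.level.default.attempt.counter": "5,5",
          "whitelisted.rp.server.ips": "192.0.2.10, 192.0.2.11",
          "allowed.hostnames": "auth.example.com"}
```

Run `validate()` on the intended values in the test environment before clicking "Restart Services"; an empty list means none of these checks failed.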