Skip to content

HyID
(Two Factor Authentication)

Overview

HyID is a two-factor authentication solution that can be used either with HySecure or as a standalone solution. It offers a ready-to-use authentication system for third-party applications when used as a standalone solution.

The HyID policy allows for configuring MFA using diverse tokens such as SMS, Email, Mobile and Hardware, Push notifications, Face Authentication, PC tokens, FIDO, and Fingerprint authentication.

The HyID policy enables configuring MFA for users, user groups, or organizational units (OU). Consequently, members of these groups must authenticate using MFA generated through the designated mechanisms when accessing HySecure or third-party applications.

Multiple HyID policies can be created by the administrator and assigned to an authentication domain, which can then be linked to a HySecure domain.

Note

It is recommended to use HyID in conjunction with Active Directory to enable group-based resource access assignments.

Configuration Workflow

This section defines the workflow for creating a HyID policy.

  1. Create a HyID Policy.

  2. Identify the User/User Group of the Authorization Server configured as part of the Authentication Domain, for which 2 Factor Authentication is to be configured. The policy type should be chosen as "HySecure".

  3. Enable Two Factor Authentication and configure the following information :

    1. Channel through which OTP should be shared e.g. Email, SMS.

    2. For each of the selected channels, set various parameters like OTP token length, and token expiry time.

    3. Configure common OTP specific configurations like failed attempts etc.

Preference in case of multiple HyID policies

In case of multiple HyID policies getting configured for a user, the first one that matches would be applied.