Skip to content

External Authentication

HySecure offers support for device approval through a Mobile Device Management (MDM) server. This feature enables devices to be automatically approved for logging into the HySecure Gateway using an external server, such as VMware.

The login process is based on the device's status on the MDM server. For successful login, the device must be registered on the MDM server.

To configure External Authentication:

  1. Log on to the Management Console.

  2. Go to Settings > Services Config > External Authentication.

  3. Under General Configuration, provide the following information:

    1. External Authentication Type: Choose Device Approval. Manual device approval is governed by the Device ID policy, which uses the Motherboard serial number as the device parameter from the MDM provider.
    2. Device Approval Mode: Choose MDM as the approval mode.
    3. Select MDM Provider: Choose the MDM provider name, VMWare.
    4. Endpoint URL: Enter the VMWare’s URL.
    5. Endpoint API Version: Choose the API version of VMWare.
    6. Search Attribute: This is the attribute based on which the device is identified and searched. Choose Motherboard ID.
    7. Read Timeout (Secs): This is the period within which data should be received on an established connection with External MDM.
    8. Connection Timeout (Secs): This is when a connection between HySecure and the External VMWare server must be established. After a configured time, HySecure will give a connection time-out message.
    9. Authentication Type: Choose the authentication type for MDM. If None is selected, the connection will be established without authentication. If Basic is selected, provide MDM Client ID, Client Secret, and Endpoint API Key.

    10. Authentication With External Server: Select the authentication frequency for the user's device. If Check on every login is selected, then a request will be sent to the MDM server for device authentication, regardless of whether the device's approval status in the HySecure gateway.

      Alternatively, when Check for new device is selected, the device will be approved or blocked from logging in based on its status in the HySecure gateway. If it's a new device, an authentication request will be sent to the MDM server.

  4. Click Submit.