Using a different authentication scheme for the admin account


Because the admin account on Hypersocket is such an important account (as it is the super user), it makes sense to increase the logon security for this account.

One way of doing this could be to just add a second authentication factor to the Browser authentication scheme. However, doing this also applies the same scheme to all users, and there may be times when you either want to do this just for admin, or you want admin to have a completely different set of strong authentication factors than you have set up for your users.

This article will explain how you can achieve this.


1. Admin Logon setting

Ordinarily, users and admin log in via the same URL, so we first need to separate the admin logon from the normal user logon.

Navigate to Authentication->Settings and click on the Admin tab. There is only one setting here: turn on the Admin Logon button and click Apply.


2. Authentication Scheme

Now navigate to Authentication->Schemes and click on the Admin tab there. Alter the authentication flow as required. In this example, we have added PIN after the default Username+Password by clicking the plus icon on the PIN module. Click Save when you have finished.


3. Logging on/testing

Now that we have set up a scheme just for admin and turned on the Admin Logon setting, any authentication attempts to the normal UI for the admin account will fail.

Instead, for this account we must now log on using a different URL.

In your browser, go to https://<yourserver>/hypersocket/admin

This presents the same logon page, but it only works for admin and uses the authentication scheme configured above.



