workday - Re: [InC-Workday] Question about 2FA and Workday
Subject: Discussion of use cases and implementation experience integrating with Workday
List archive
- From: Steven Carmody <>
- To:
- Subject: Re: [InC-Workday] Question about 2FA and Workday
- Date: Thu, 12 Nov 2015 10:47:03 -0500
+1 from Brown.
On 11/12/15 10:37 AM, David Langenberg wrote:
We also would want Use SAML with different Authn Context. What we
definitely do not want is the first option. We already have a MFA
solution that we're quite fond of and would not want to have multiple
MFA solutions that are vendor-specific.
Dave
On Nov 12, 2015, at 8:31 AM, Gary Chapman
<
<mailto:>>
wrote:
We'd want:
* Use SAML (using a different authentication context from your
SAML-based first-factor authentication) to perform the 2FA at your IdP
Perhaps we'd desire step-up for specific tasks but also for specific
people/roles...
- Gary
On Thu, Nov 12, 2015 at 10:28 AM, Belcher, C W
<
<mailto:>>
wrote:
Hi folks,
FYI UT Austin had a discussion with Workday yesterday about
possible enhancements to authentication policies to allow specific
tasks to be identified as “sensitive” that would require
two-factor authentication. This would allow the enforcement of
“step-up” authentication when specific tasks are being performed.
My question for the group is: If you were to use this
functionality, how would you prefer the two-factor authentication
be accomplished?
* Use OTP functionality in Workday (delivered via SMS or email,
or perhaps using a TOTP app/token)
* Use SAML (using a different authentication context from your
SAML-based first-factor authentication) to perform the 2FA at
your IdP
* Use another process?
Thanks, CW
*——*
*
*
*C.W. BELCHER*, Associate Director ____
Identity & Access Management | Information Technology Services ____
The University of Texas at Austin| 512-232-6519
<tel:512-232-6519> | FAC 326R
--
David Langenberg
Identity & Access Management Architect
The University of Chicago
- [InC-Workday] Question about 2FA and Workday, Belcher, C W, 11/12/2015
- Re: [InC-Workday] Question about 2FA and Workday, Gary Chapman, 11/12/2015
- Re: [InC-Workday] Question about 2FA and Workday, David Langenberg, 11/12/2015
- Re: [InC-Workday] Question about 2FA and Workday, Steven Carmody, 11/12/2015
- RE: [InC-Workday] Question about 2FA and Workday, Michael W. Brogan, 11/12/2015
- Re: [InC-Workday] Question about 2FA and Workday, Linda Pruss, 11/13/2015
- Re: [InC-Workday] Question about 2FA and Workday, Michael R Gettes, 11/13/2015
- RE: [InC-Workday] Question about 2FA and Workday, Michael W. Brogan, 11/12/2015
- Re: [InC-Workday] Question about 2FA and Workday, Steven Carmody, 11/12/2015
- Re: [InC-Workday] Question about 2FA and Workday, David Langenberg, 11/12/2015
- Re: [InC-Workday] Question about 2FA and Workday, Tom Scavo, 11/13/2015
- Re: [InC-Workday] Question about 2FA and Workday, Gary Chapman, 11/15/2015
- Re: [InC-Workday] Question about 2FA and Workday, Tom Scavo, 11/15/2015
- Re: [InC-Workday] Question about 2FA and Workday, Steven Carmody, 11/16/2015
- Re: [InC-Workday] Question about 2FA and Workday, Linda Pruss, 11/16/2015
- Re: [InC-Workday] Question about 2FA and Workday, Belcher, C W, 11/19/2015
- Re: [InC-Workday] Question about 2FA and Workday, Gary Chapman, 11/20/2015
- Re: [InC-Workday] Question about 2FA and Workday, Gary Chapman, 11/12/2015
Archive powered by MHonArc 2.6.16.