workday - RE: [InC-Workday] Question about 2FA and Workday
Subject: Discussion of use cases and implementation experience integrating with Workday
List archive
- From: "Michael W. Brogan" <>
- To: "" <>
- Subject: RE: [InC-Workday] Question about 2FA and Workday
- Date: Thu, 12 Nov 2015 16:24:48 +0000
- Accept-language: en-US
- Authentication-results: spf=none (sender IP is ) ;
- Spamdiagnosticmetadata: NSPM
- Spamdiagnosticoutput: 1:23
+1 for University of Washington
-----Original Message-----
From:
[mailto:]
On Behalf Of Steven Carmody
Sent: Thursday, November 12, 2015 7:47 AM
To:
Subject: Re: [InC-Workday] Question about 2FA and Workday
+1 from Brown.
On 11/12/15 10:37 AM, David Langenberg wrote:
> We also would want Use SAML with different Authn Context. What we
> definitely do not want is the first option. We already have a MFA
> solution that we're quite fond of and would not want to have multiple
> MFA solutions that are vendor-specific.
>
>
> Dave
>
>> On Nov 12, 2015, at 8:31 AM, Gary Chapman
>> <
>>
>> <mailto:>>
>> wrote:
>>
>> We'd want:
>>
>> * Use SAML (using a different authentication context from your
>> SAML-based first-factor authentication) to perform the 2FA at
>> your IdP
>>
>> Perhaps we'd desire step-up for specific tasks but also for specific
>> people/roles...
>>
>> - Gary
>>
>> On Thu, Nov 12, 2015 at 10:28 AM, Belcher, C W
>> <
>>
>> <mailto:>>
>> wrote:
>>
>> Hi folks,
>>
>> FYI UT Austin had a discussion with Workday yesterday about
>> possible enhancements to authentication policies to allow specific
>> tasks to be identified as “sensitive” that would require
>> two-factor authentication. This would allow the enforcement of
>> “step-up” authentication when specific tasks are being performed.
>>
>> My question for the group is: If you were to use this
>> functionality, how would you prefer the two-factor authentication
>> be accomplished?
>>
>> * Use OTP functionality in Workday (delivered via SMS or email,
>> or perhaps using a TOTP app/token)
>> * Use SAML (using a different authentication context from your
>> SAML-based first-factor authentication) to perform the 2FA at
>> your IdP
>> * Use another process?
>>
>> Thanks, CW
>>
>> *——*
>> *
>> *
>> *C.W. BELCHER*, Associate Director ____
>> Identity & Access Management | Information Technology Services ____
>> The University of Texas at Austin| 512-232-6519
>> <tel:512-232-6519> | FAC 326R
>>
>>
>
>
> --
> David Langenberg
> Identity & Access Management Architect The University of Chicago
>
- [InC-Workday] Question about 2FA and Workday, Belcher, C W, 11/12/2015
- Re: [InC-Workday] Question about 2FA and Workday, Gary Chapman, 11/12/2015
- Re: [InC-Workday] Question about 2FA and Workday, David Langenberg, 11/12/2015
- Re: [InC-Workday] Question about 2FA and Workday, Steven Carmody, 11/12/2015
- RE: [InC-Workday] Question about 2FA and Workday, Michael W. Brogan, 11/12/2015
- Re: [InC-Workday] Question about 2FA and Workday, Linda Pruss, 11/13/2015
- Re: [InC-Workday] Question about 2FA and Workday, Michael R Gettes, 11/13/2015
- RE: [InC-Workday] Question about 2FA and Workday, Michael W. Brogan, 11/12/2015
- Re: [InC-Workday] Question about 2FA and Workday, Steven Carmody, 11/12/2015
- Re: [InC-Workday] Question about 2FA and Workday, David Langenberg, 11/12/2015
- Re: [InC-Workday] Question about 2FA and Workday, Tom Scavo, 11/13/2015
- Re: [InC-Workday] Question about 2FA and Workday, Gary Chapman, 11/15/2015
- Re: [InC-Workday] Question about 2FA and Workday, Tom Scavo, 11/15/2015
- Re: [InC-Workday] Question about 2FA and Workday, Steven Carmody, 11/16/2015
- Re: [InC-Workday] Question about 2FA and Workday, Linda Pruss, 11/16/2015
- Re: [InC-Workday] Question about 2FA and Workday, Belcher, C W, 11/19/2015
- Re: [InC-Workday] Question about 2FA and Workday, Gary Chapman, 11/20/2015
- Re: [InC-Workday] Question about 2FA and Workday, Gary Chapman, 11/26/2015
- Re: [InC-Workday] Question about 2FA and Workday, Gary Chapman, 11/20/2015
- Re: [InC-Workday] Question about 2FA and Workday, Gary Chapman, 11/12/2015
Archive powered by MHonArc 2.6.16.