Symantec Access Management

Hello,

We are trying to implement push notifications as a second factor authentication for one customer in Layer7 Strong Authentication and in the Adapter component and I would like to clarify a few aspects:

1) Is Google FCM the only officially supported implementation?
2) When using the Google FCM service, how can we obtain the FCM ServerKey that needs to be inserted in the PushProvider.properties file?
3) Can the Strong Authentication server itself send push notifications? It's mentioned here (https://docops.ca.com/ca-advanced-authentication/9-0/en/administrating/administrating-ca-strong-authentication/managing-global-ca-strong-authentication-configurations/configuring-callouts-for-push-notification) that "CA Advanced Authentication now provides Push Notification as a Callout Service to support Second Factor Authentication for the available credentials. pushNotification_callout.jsp is available with CA Adapter." If this is the case, then does the CA Adapter need any further configuration (do we need to edit the PushProvider.properties and arcotafm.properties files)? If yes, can this be documented somewhere?

Thank you,
Alex

Hi Alex,

Please see answers inline -

1) Is Google FCM the only officially supported implementation?
--Yes Google FCM is the only officially supported implementation.

2) When using the Google FCM service, how can we obtain the FCM ServerKey that needs to be inserted in the PushProvider.properties file?
--OOTB server key should work just fine and no need to obtain a new FCM serverKey, if you are writing your own implementation using the Mobile SDK then you may need this else there is no need to have a separate ServerKey, other customers just use OOTB.

3) Can the Strong Authentication server itself send push notifications? It's mentioned here (docops.ca.com/ca-advanced-authentication/9-0/en/...) that "CA Advanced Authentication now provides Push Notification as a Callout Service to support Second Factor Authentication for the available credentials. pushNotification_callout.jsp is available with CA Adapter." If this is the case, then does the CA Adapter need any further configuration (do we need to edit the PushProvider.properties and arcotafm.properties files)? If yes, can this be documented somewhere?
--Push is provided through the CA Adapter component only and you need to install and deploy the AFM piece, yes you can create the callout in Strong auth for PUSH as a second factor and this implementation is primarily used in RADIUS integration.

Let us know if any questions.
Original Message:
Sent: 06-24-2019 10:31 AM
From: Alexandru Marin
Subject: Push notifications for CA Advanced Authentication

Hello,

We are trying to implement push notifications as a second factor authentication for one customer in Layer7 Strong Authentication and in the Adapter component and I would like to clarify a few aspects:

1) Is Google FCM the only officially supported implementation?
2) When using the Google FCM service, how can we obtain the FCM ServerKey that needs to be inserted in the PushProvider.properties file?
3) Can the Strong Authentication server itself send push notifications? It's mentioned here (https://docops.ca.com/ca-advanced-authentication/9-0/en/administrating/administrating-ca-strong-authentication/managing-global-ca-strong-authentication-configurations/configuring-callouts-for-push-notification) that "CA Advanced Authentication now provides Push Notification as a Callout Service to support Second Factor Authentication for the available credentials. pushNotification_callout.jsp is available with CA Adapter." If this is the case, then does the CA Adapter need any further configuration (do we need to edit the PushProvider.properties and arcotafm.properties files)? If yes, can this be documented somewhere?

Thank you,
Alex

Hi Namish,

Thanks a lot for your clarifications, really appreciated.

Have a nice day,
Alex
Original Message:
Sent: 06-25-2019 11:11 AM
From: Namish Tiwari
Subject: Push notifications for CA Advanced Authentication

Hi Alex,

Please see answers inline -

1) Is Google FCM the only officially supported implementation?
--Yes Google FCM is the only officially supported implementation.

2) When using the Google FCM service, how can we obtain the FCM ServerKey that needs to be inserted in the PushProvider.properties file?
--OOTB server key should work just fine and no need to obtain a new FCM serverKey, if you are writing your own implementation using the Mobile SDK then you may need this else there is no need to have a separate ServerKey, other customers just use OOTB.

3) Can the Strong Authentication server itself send push notifications? It's mentioned here (docops.ca.com/ca-advanced-authentication/9-0/en/...) that "CA Advanced Authentication now provides Push Notification as a Callout Service to support Second Factor Authentication for the available credentials. pushNotification_callout.jsp is available with CA Adapter." If this is the case, then does the CA Adapter need any further configuration (do we need to edit the PushProvider.properties and arcotafm.properties files)? If yes, can this be documented somewhere?
--Push is provided through the CA Adapter component only and you need to install and deploy the AFM piece, yes you can create the callout in Strong auth for PUSH as a second factor and this implementation is primarily used in RADIUS integration.

Let us know if any questions.
Original Message:
Sent: 06-24-2019 10:31 AM
From: Alexandru Marin
Subject: Push notifications for CA Advanced Authentication

Hello,

We are trying to implement push notifications as a second factor authentication for one customer in Layer7 Strong Authentication and in the Adapter component and I would like to clarify a few aspects:

1) Is Google FCM the only officially supported implementation?
2) When using the Google FCM service, how can we obtain the FCM ServerKey that needs to be inserted in the PushProvider.properties file?
3) Can the Strong Authentication server itself send push notifications? It's mentioned here (https://docops.ca.com/ca-advanced-authentication/9-0/en/administrating/administrating-ca-strong-authentication/managing-global-ca-strong-authentication-configurations/configuring-callouts-for-push-notification) that "CA Advanced Authentication now provides Push Notification as a Callout Service to support Second Factor Authentication for the available credentials. pushNotification_callout.jsp is available with CA Adapter." If this is the case, then does the CA Adapter need any further configuration (do we need to edit the PushProvider.properties and arcotafm.properties files)? If yes, can this be documented somewhere?

Thank you,
Alex