Skip to main content
Question

IFS Aurena ADFS with MFA

C
Do Gooder (Customer)
Forum|alt.badge.img+2

Hi All, 

We have Apps 10 configured with ADFS. We have published Aurena via WAP for external access. When users are external they should be prompted for credentials + MFA, this used to work. But recently we noticed users are not being prompted for MFA.

As a test we changed our Access Control Policy to always force credentials + MFA on all sessions. Testing with IEE it prompts for credentials + MFA, testing with Aurena it only prompts for credentials no MFA. Not sure why this is happening, my understand was IEE and Aurena use the same configuration from the middleware server.

Has anyone experienced something similar? Any IFS partners out there with ADFS experience or deep knowledge on how middleware authenticates against ADFS?

Thanks,
Chris

This topic has been closed for comments

S
Superhero (Employee)
Forum|alt.badge.img+21
  • Sajith D
  • Superhero (Employee)
  • March 2, 2022

Hi @CBlaze,

Not sure how your App registration is setup on ADFS side but one thing to look at is to see whether the app registration client id’s used in IFS Admin console are the same or different for Aurena (Client ID Web) and IEE (Client ID Native). If you are using the the 2 registration method rather than a single app registration, it’s possible you are applying the controls only against the IEE one. 

Cheers

C
Do Gooder (Customer)
Forum|alt.badge.img+2
  • CBlaze
  • Do Gooder (Customer)
  • March 2, 2022

Hi @Sajith D 

Thanks for the reply. ADFS is current configured in a single application mode. When I force MFA via access policy IEE always asks for MFA, but Aurena just seems to log in. 

We think the issue is causes by a delivery provided by IFS. After reviewing everything and looking at logs and confirming with users it appears to have happened after that was applied. 

I have a ticket open with support and waiting to hear back from them.

S
Superhero (Employee)
Forum|alt.badge.img+21
  • Sajith D
  • Superhero (Employee)
  • March 2, 2022

Hi @CBlaze ,

That is quite interesting. I’m quite keen to hear what happened in this case and would be great if you can update the post when you hear back from support.

Cheers,

Terms & ConditionsCookie settings

Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

 
Cookie settings