Add configuration to only allow one profile per issuer and device
This guide describes how to configure PhenixID Authentication Services in order to only allow one OneTouch profile per issuer and device
Requirements
- PhenixID Authentication Services version 3.1 or above
- One Touch must be configured.
Perform the following steps in the ADVANCED tab of the Configuration GUI.
Step 1 - Find the pki module
Open Modules
Find the "com.phenixidentity~phenix-pki" created by the One Touch scenario.
Step 2 - Add configuration param
Click on the pen to edit the "com.phenixidentity~phenix-pki" module.
Add the configuration parameter "issuer_exclusive" : "true".
Example:
{
"name": "com.phenixidentity~phenix-pki",
"enabled": "true",
"config": {
"issuer": "My Issuer",
"issuer_exclusive": "true",
"ca_ref": "645cd36a-55a8-472c-825c-3ba0a063323e",
"ca_profile": "8220a170-a86e-4e22-b558-1ac85571f4ae",
"client_key_algorithm": "RSA",
"client_key_size": "2048",
"url_prefix": "http://192.168.10.169:8445",
"actions_url": "http://192.168.10.169:8445",
"http_configuration_ref": "29037ccc-b321-456d-a5de-df16a6b1ea46",
"guide_ref": "594975f8-aa41-41dd-b6f4-3466eb1b3fc2",
"guide_id": "guides.onetouch"
},
"created": "2020-02-03T09:38:22.421Z",
"id": "3043603d-f804-4f48-9201-844ff0a70380"
},
Step 3 - Find the tokens module
Find the "com.phenixidentity~phenix-tokens" created by the One Touch scenario.
Step 4 - Add configuration param
Click on the pen to edit the "com.phenixidentity~phenix-tokens" module.
Add the configuration parameter "pki_issuer_exclusive" : "true".
Example:
{
"name": "com.phenixidentity~phenix-tokens",
"enabled": "true",
"config": {
"url_prefix": "http://192.168.10.169:8445",
"http_configuration_ref": "29037ccc-b321-456d-a5de-df16a6b1ea46",
"use_push": "true",
"pki_issuer_exclusive": "true",
"guide_ref": "594975f8-aa41-41dd-b6f4-3466eb1b3fc2",
"guide_id": "guides.onetouch"
},
"created": "2020-02-03T09:38:22.427Z",
"id": "2775bb2e-4f37-4209-a94c-9a8146ab7bb4"
}
Click Stage changes and Commit Changes.