Determination of authentication

The Agile.Now platform offers a configurable authentication system that enables organizations to set appropriate security levels for both system-wide and application-specific access. Understanding how to determine and set these authentication levels is crucial for maintaining both security and user accessibility.

System-Level Authentication Configuration

At the system level, administrators can define the default authentication method required for users to access the service. This base level is often set to the least stringent option that meets the organization's security requirements to ensure broad accessibility. Available options typically include:

• Standard Password Login (PWD)
• One-Time Password (OTP)
• Multi-Factor Authentication (MFA)
• Single Sign-On (SSO)

Application-Specific Authentication Overrides

Each application within the Agile.Now platform can have its own authentication requirements, which can be more or less stringent than the system-level settings. This is configured within the 'Security' section of the Settings application, where administrators can select the required sign-in level for each app.

Authentication In Practice

When a user attempts to access an application, the platform determines the necessary authentication method based on the following rules:

• If the application-specific login level is not configured, the system defaults to the general sign-in level.
• If the application requires a higher login level than the system default, the platform will prompt the user for additional authentication factors according to the app’s requirements.
• In cases where the application's sign-in method is lower than the system level, the user’s session-level login suffices, and no further action is needed.

Ensuring Seamless User Experience

The Agile.Now platform is designed to ensure that any additional authentication steps are as seamless as possible. For example, if an application requires MFA and the user has not yet authenticated to that level, the system will automatically guide them through the necessary steps. This process is transparent to the user, preventing access to the application until the higher authentication standard is met.

Impact of Refactoring on Authentication

It's important to note that any refactoring of the application could lead to a desynchronization of the authentication structure. Administrators should thoroughly test any changes in a development or staging environment before implementing them into production to avoid disrupting user access.

Summary

The determination of authentication methods in the Agile.Now platform is a critical part of access management that balances security with usability. By allowing for both system-wide and application-specific authentication settings, the platform provides the flexibility needed to address varied security needs across different applications and user scenarios.