

ArcotID PKI Only Flow

The ArcotID PKI Only flow defines the steps that must be performed to authenticate end users with the ArcotID PKI credential only. At runtime, this flow takes effect only if the ArcotID PKI credential is enabled.

This section describes the end-user authentication flow based on the following assumptions:

End users are authenticated as follows:

  1. When trying to access a protected resource in a browser, the end user is prompted for their user name and LDAP password.
  2. The Advanced Authentication service then verifies that the end user is an existing user, and checks for the presence of an ArcotID PKI credential on the device being used.
  3. Since ArcotID PKI is present on the device, the Advanced Authentication service authenticates the user.
  4. If authentication is successful, the end user is granted access to the resource.