8.5 Specifying Authentication Defaults

You can specify default values for how the system processes user stores and authentication contracts. The default contract is executed when users access the system without a specified contract, and when the Access Gateway is configured to use any authentication.

Additional default contracts can be specified for each authentication type that might be required by a service provider. These contracts are executed when a request for a specific authentication type comes from a service provider.

  1. In the Administration Console, click Access Manager > Identity Servers > Servers > Edit > Local > Defaults

    Authentication default settings

  2. Configure the following fields as necessary:

    User Store: The default user store for local authentication. If you selected <Default Userstore> when configuring an authentication method, the system uses the user store you specify here.

    Authentication Contract: The default authentication contract to be used for local authentication. If you create a new contract and specify it as the default one, ensure that you update the Access Gateway configuration if it is configured to accept the default (Any) contract. See Section 13.4, Configuring Protected Resources.

    Authentication Type: The default authentication contracts to be used for each authentication type. The identity provider uses the default authentication contract specified here, when the identity provider receives an authentication request from a service provider for a specific authentication type.

    You must create the authentication contracts prior to assigning them as defaults. (See Configuring Authentication Contracts.)

  3. Click OK.

  4. Update the Identity Server.