Default Policy and Authenticators
Overview
With Server 3.8.0, two RP applications are pre-packaged: the HYPR Default Workstation Application, and the HYPR Default Web Application. Each application comes with its own set of registration and authentication policies, and AAIDs (i.e. metadata of authenticators). A policy is a set of rules required to perform registration and authentication with the selected set of authenticators.
HYPR Default Workstation Application
This application is used to manage access for Desktop MFA Applications for Windows or Mac OS platforms.

Please note
There are two notifications at the top of the Control Center. These notify the user that the license key file has not been uploaded, and SSL Pinning is disabled. Please refer to their sections to learn more.
Authentication and Policy Management
Default authenticators, Native and PIN, are pre-installed.

Default Authentication Policies
Admins can view or edit the default policy by clicking on the 'pencil' icon.

After clicking the pencil icon, the admin can view the set of authenticators' metadata already uploaded and default policies.

Default Registration Policy
'defaultRegAction' is the registration policy. The user is prompted with authenticator options during device registration.
Default registration policy is Native ID OR PIN. This means during registration the users will be asked to enroll with their Native ID (for iOS: TouchID or FaceID, and for Android: Biometric prompt). The second registration option is the PIN authenticator which offers an alternative authenticator when a Native ID is unavailable.

Default Authentication Policy
defaultAuthAction
is the default authentication policy - Native OR PIN

Edit Policy
To learn more about editing policy, refer to the Editing RP Application section.
HYPR Default Web Application
This application should be used to manage access to Web Applications.

Please note
There are three notifications at the top of the Control Center. These notify the user that the license key file has not been uploaded, SSL Pinning is disabled, and a PUSH provider has not been selected. Refer to their sections to learn more.
Default Authentication Policies
Admins can view or edit the default policy by clicking on the 'pencil' icon (as shown in the image above). After clicking the 'pencil' icon, the admin can view the set of authenticators, AAIDs, and configured default policies.

Default Registration Policy
Default AAIDs are Native ID AND PIN

Default Authentication Policy
Default AAID is Native

Default Step-Up Authentication Policy
Default AAID is PIN

Updated 11 months ago