• Planning for mandatory multifactor authentication for Azure

    Microsoft has announced that starting in October of this year, MFA will be required to sign-in to Azure portal, Microsoft Entra admin center, and Intune admin center. We have several customers who are using NAM as an IdP via WS-Fed federation, and I…
  • Office 365 integrate with NAM using SAML2.0

    Hi, We are having NAM 5.0. We are planning to integrate office 365 with NAM using SAML 2.0 but But I can't really figure out where to start. if someone will share the high level steps to perform this integration then it would be really appreciated…
  • Request was from an untrusted provider NAM

    Hi, I'm trying to setup SSO SAML from Keycloak and NAM. In my keycloak admin console I have imported the metadata.xml of the NAM related environment (given to me from my organization) and I have set all the fields and stuff needed to connect my keycloak…
  • SAML: 500 Internal Error when user logs in with expired password

    Hello Everyone, I am facing an issue when a users logs in with expired password that has authenticated using Risk Based Policy. The configurations are as follows: - I have defined a Risk Based Policy that authenticates users via Form based method…
  • SSO to NAAF in the middle of a contract

    I have curious case. A contract with the method of Secure Password Form + an NAAF authentication. As the user does not have any method enrolled in NAAF, he is redirected to NAAF to enroll a method. I want to do SSO by injecting the credentials, but the…
  • Malformed XML when importing metadata into Access Manager v5.0.4

    Dear Community, I am trying to configure SAML2 SSO between Access Manager and GitLab which should be supported since GitLab is able to act as SAML2 SP and AM can act as an SAML2 IdP. I clicked to edit on IDP and wanted to create new trusted provider…
  • SSO SAP GUI

    Hello, community! Is that possible to use NAM or IDM itself to SSO in SAP GUI? What's the best approach on this scenario? Thanks
  • Form Fill Authentication Issues

    We are experiencing issues with Form-Fill Authentication, the actual use-case we are trying to achieve is the Login Form has a method POST and have three fields, Username/password and an extra hidden field passwordAd which is used to connect with their…
  • netiq access manager saml2 integration symphony summitai

    Hi Team, We are trying to configuring saml2.0 with symphony summit application integration is completed successfully. when we are trying to access on that time it is showing no endpoint defines error we tried to change from the below URL but not working…
  • How to set SSO Session time

    Hi I want to set session time of IDP , I set IDP-Default time out is 120 minutes, but not effect. So I want to Set session effect time is 30 days. how to do?
  • Oauth Password mode not register session

    Hi I use one app use password mode, I want to use the app is portal, but the app login , click other app need re-input user/password on idp. So I want to use the password mode app by pass username/password , and click other app don't need input username…
  • How to use "Access Gateway injects the Access token on behalf of web applications"

    Dear community, I would like to use Access gateways to implement the scenario described here: https://www.netiq.com/documentation/access-manager-45-appliance/admin/data/b1dj6b2f.html#t40y6o6qwlhe The user sends request to access a web application protected…
  • How to restrict access by Device ID (Fingerprint?)

    Hi, We want to limit access to previously registered devices. It seems that the solution would be to use the risk policies with Fingerprint, but all the information that it seems that we can capture from the device is descriptive (version, language, operating…
  • Access Manager strips everything following # from URL-request at login. After login, no problem.

    Hello everyone. After upgrading a clients IDM from 4.5 to 4.7, we have trouble with the Access Manager integration in front of it, when it comes to the mails people receive about their pending approvals and such. In 4.7, These URL's are somewhat like…
  • Risk-based policies for Win10 workstations with Intune

    Hi, Having NAM Federated with AzureAD (acting NAM as the IDP), does anyone know if it's possible to deny the access to O365 to any workstation that is not registered with Intune? I think it's possible to achive this with Azure AD Conditional Access, but…
  • Customize AM Login to lookup User first then Prompt Password

    Hi, Have anyone customize current NAM 4.5 NIDP Login page to display Username first -> click Next to lookup User -> Prompt Password if user exist in User Store else display message like "Your User ID does not exist, please contact...". The flow is just…
  • NullPointerException building acr field for OIDC ID token

    I have following setup. NAM acts as OpenID Connect identity provider for different clients. Clients are calling NAM with Authorization code flow, requesting scope openid and profile. If user authenticates on NAM using standard username/password or any…
  • Post SSL certificate upgrade - metadata still gives the old certificate

    We are using the external CA signed certificate for signing and encryption. Its going to expire in some days. So i have created a new CSR and get it signed and added those in trusted roots and assigned it for the IDP and AG devices. I have replaced the…
  • Identity Provider response was received that failed to authenticate this session.

    Can anyone help in this error ? I tried configuring the user app OSP for NAM SSO under SAML 2.O Error: An Identity Provider response was received that failed to authenticate this session.
  • Virtual attributes refresh time

    Hi, In a SAML federation we are sending the SP in the assertion a Virtual Attribute calculated from user attributes of the eDirectory user source. We see that these attributes do not seem to be updated until the session is closed and the user is authenticated…
  • External OpenID Connect Identity provider

    Hi! We need to integrate NAM with external identity provider (Norwegian Buypass). But this identity provider supports only OpenID Connect. Has anybody done that? I was looking at social auth class to maybe use that, and there is a possibility to choose…
  • Azure AD Windows 10 login

    Hi, Can anyone confirm if the following scenario can work with NAM?: An Azure AD Domain federated with WS-Trust with NAM with the corporate directory (eDir). A workstation is registered in this Azure AD Domain. The user login into the workstation using…
  • SaaS Account Management

    Hi All, Does anybody knows how to get access to this ? Download URL ? Is there any evaluation or it's part of NAM entitlements ? Regards, Kengh
  • IDAM UserApp SSO integration with OAUTH

    Is it possible to integrate userapp sso under oauth protocol in NAM? I have didn't in SAML but OAuth am not sure..
  • SSPR 5015 Error with Access Manager OAuth Integration for SSO

    Hi, I am trying setup my AM 4.5 Appliance to integrate with SSPR 4.4 using OAuth for SSO. I had following the SSPR Integration with Access Manager documentation and configured accordingly. When I try to access SSPR, it was redirected to AM for login.…