How to configure Idaptive Identity Services for RADIUS
Idaptive Identity Services supports RADIUS in two ways. The first is to use the Idaptive Connector as a RADIUS server for clients that support RADIUS authentication, such as VPNs. Using Idaptive Identity Services with your RADIUS client, you can provide a second authentication layer for added security. For example, if a VPN concentrator uses RADIUS for authentication, you can configure email as a secondary authentication requirement. A typical work flow is when a RADIUS client (like a VPN server) uses the Idaptive Connector as a RADIUS server to authenticate an incoming user connection. Depending on the user type, the connector authenticates the credentials either through Active Directory or Idaptive Identity Services and returns the authentication result to the RADIUS client. This diagram shows the work flow. See Configuring the Idaptive Connector for use as a RADIUS server for configuration details.
The second way to use RADIUS with Idaptive is to use your existing RADIUS server for user authentication into Idaptive Identity Services by defining the Idaptive Connector as a RADIUS client. When users attempt to log in to Idaptive Identity Services and selects an external RADIUS server as a multi-factor authentication (MFA) mechanism, we send the user credentials (username and passcode) to the connector, which validates them against the configured RADIUS server, and returns the result of that validation to Idaptive Identity Services. This diagram shows the work flow. See Configuring the Idaptive Connector for use as a RADIUS client for configuration details.