Configuration of TLS Settings

Updated on 25 Oct 2024
1 Minute to read

Share
Dark
Light

Article summary

Did you find this summary helpful?

Thank you for your feedback

Intelligent Adaptive Authentication uses the Transport Layer Security (TLS) protocol. Ensure to observe the following requirements for your integration of Intelligent Adaptive Authentication.

The correct TLS settings must be provided on the certificate handshakes.

Supported TLS versions

The Intelligent Adaptive Authentication endpoints support the following TLS versions:

TLS 1.2
TLS 1.3

When you connect to Intelligent Adaptive Authentication, you must use one of these TLS versions!

Supported cipher suites

For the different TLS versions, the Intelligent Adaptive Authentication endpoints support the following TLS cipher suites:

TLS 1.2
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
TLS 1.3
- TLS_AES_256_GCM_SHA384
- TLS_CHACHA20_POLY1305_SHA256
- TLS_AES_128_GCM_SHA256

When you connect to Intelligent Adaptive Authentication, you must use one of these TLS cipher suites!

Server Name Indication

You must support Server Name Indication (SNI) when communicating with Intelligent Adaptive Authentication endpoints. SNI is an extension of the TLS protocol that enables a client to specify the domain name it is trying to reach.

Was this article helpful?

What's Next

FIDO UAF Onboarding in the Sandbox and Production Environments

Table of contents

Supported TLS versions
Supported cipher suites
Server Name Indication