Client components types

SOAP client programs

SOAP client programs are not called 'SOAP clients'. The program itself specifies the type as a parameter to each request. A client component record must exist for this type at the network location (IP address) where the application runs. The policy in the component record will be used when processing all requests from that client.

Administration Program

Creating an Administration Program component record for a OneSpan administration program (e.g. Administration Web Interface or Audit Viewer) allows a policy to be set for connections from that program.

A component record must exist for each Administration Web Interface or any other administration program that uses SOAP and SEAL.

IDENTIKEY User Websites

IDENTIKEY User Websites is a pre-defined SOAP-based client component used for OneSpan User Websites clients. The client component record will be verified whenever the OneSpan User Websites client sends request to OneSpan Authentication Server Appliance.

One client component record must exist for each OneSpan User Websites client installed at different network locations (IP address). Each client component record requires a valid license key.

RADIUS Client

A RADIUS client component record is required when clients will be sending authentication requests to OneSpan Authentication Server Appliance using the RADIUS protocol. The OneSpan Authentication Server Appliance will use the component record to find:

• The shared secret to use for communication with the RADIUS client.
• The policy to apply to the authentication request.

A default RADIUS client component record is automatically created during installation of OneSpan Authentication Server Appliance. This default record can be deleted and replaced by specific records for each required location.

The default RADIUS client created during installation will be given a shared secret by default.

For information about a typical setup of a RADIUS client, see Typical RADIUS setup.

Digipass Authentication Module clients

A component record is required for any Digipass Authentication Module used with OneSpan Authentication Server Appliance. The component record will be used whenever the Digipass Authentication Module sends an authentication request to OneSpan Authentication Server Appliance. OneSpan Authentication Server Appliance verifies:

• That the component record contains a valid license key for a client module.
• Which policy to apply to the authentication request.

The following client types fall into this category:

• Citrix Storefront. Used for Digipass Authentication for Citrix StoreFront.
• IIS Module. Used for Digipass Authentication for IIS Basic.
• Microsoft ADFS. Used for Digipass Authentication for Microsoft ADFS.
• Outlook Web Access. Used for Digipass Authentication for OWA Basic and Digipass Authentication for OWA Forms.
• Windows Remote Desktop Web. Used for Digipass Authentication for Remote Desktop Web Access.

For more information about a typical setup of a Digipass Authentication Module product, see Typical Digipass Authentication Module setup.

DIGIPASS Authentication for Windows Logon

DIGIPASS Authentication for Windows Logon is a pre-defined SOAP-based client component used for Digipass Authentication for Windows Logon 2.x and later. Client component records of this type require a valid client component license.

Client component records of this type are required for all client IP addresses used to log on to Windows via Digipass Authentication for Windows Logon. However, you can define client component records to cover IP address ranges instead of individual client component records for each individual IP address.