Page created: 15 Jul 2020 |
Page updated: 29 Jan 2021
The integrated Username Token Processor accepts and validates username security tokens.
- Go to Token Processors window. to open the
Select on an existing token processor instance by clicking its name in the
Instance Name section, or create a new instance by clicking
Create New Instance.
This will open the Create Token Processor Instance window configuration.
On the Instance Configuration tab, configure the basics of
this token processor instances.
- If you have not yet defined the desired Password Credential Validator instance, click Manage Password Credential Validators to do so.
- Click Add a new row to 'Credential Validators' to select a credential-authentication mechanism instance for this adapter instance.
From the Password Credential Validator Instance list, select a
Password Credential Validator instance. Click Update.
Add as many validators as necessary. Use the up and down arrows to adjust the order in which you want PingFederate to attempt credential authentication. If the first mechanism fails to validate the credentials, PingFederate moves sequentially through the list until credential validation succeeds. If none of the Password Credential Validator instances can authenticate the user's credentials, and the challenge retries maximum has been reached, the process fails.Note:
If usernames overlap across multiple Password Credential Validator instances, this failover setup could lock out those accounts in their source locations.
Field Value section, enter a value in the
When the number of login failures reaches this threshold, the user is locked out for a period of time.
The default value is