You can configure, modify, review, remove, and elect existing client initiated backchannel authentication (CIBA) request policies in the administrative console.
CIBA request policies process identity hints and authenticate users to receive consent. Each request policy is associated with an instance of a CIBA authenticator. The CIBA grant flow is initiated by a direct request from the client and involves an out-of-band interaction with the user to complete authentication and authorization. OAuth clients that support the CIBA grant type can be configured to use a specific CIBA request policy or a default.
- Go to Add Policy. . To configure a new CIBA request policy, click
Select an action from the following options:
- To modify an existing CIBA request policy, select it by its name under Policy ID.
- To review the usage of an existing CIBA request policy, click Check Usage under Action.
- To remove an existing CIBA request policy or to cancel the removal request, click Delete or Undelete under Action.
- To elect an existing CIBA request policy to be the default CIBA request policy, click Set as Default under Action.