Symantec VIP Adapter settings reference

Page created: 11 May 2020 |

Page updated: 5 Jul 2022

| 3 min read

Symantec VIP Other Documents Integrations Language English Integration Content Type Product documentation Audience Administrator

Field descriptions for the Intune Adapter configuration screen.

Field	Description
Client Certificate	Select the VIP Manager certificate that you downloaded imported into PingFederate.
VIP Configuration Type	Pilot – The adapter tests the connection to the VIP API, which is used to verify user-token authentication. Production – The adapter runs as normal. If you have a specific URL to use for the API, enter it in the Advanced Fields section. Note: The standard OTP security-code generators for VIP are usable only for Production; they do not provide valid codes for a Pilot configuration. Instead, you must obtain the VIP Test Drive OTP generator for Pilot testing.

Field

Description

Client Certificate

Select the VIP Manager certificate that you downloaded imported into PingFederate.

VIP Configuration Type

Pilot – The adapter tests the connection to the VIP API, which is used to verify user-token authentication.

Production – The adapter runs as normal.

If you have a specific URL to use for the API, enter it in the Advanced Fields section.

Note:

The standard OTP security-code generators for VIP are usable only for Production; they do not provide valid codes for a Pilot configuration. Instead, you must obtain the VIP Test Drive OTP generator for Pilot testing.

Field	Description
Default Authentication Method	Determines whether the adapter defaults to push, SMS, or voice, or prompts the user to select an authentication method for the current session. None – The adapter prompts the user to choose an authentication method or enter a Symantec VIP security code. Security Code – The adapter prompts the user to enter a Symantec VIP security code. Push Notification – The adapter sends a push notification to the the Symantec VIP app on the user's mobile device. SMS and Voice Call – The adapter sends a text or voice authentication message to the user's phone number. The default selection is None. If the default method is not valid for a user, the adapter prompts the user to select another authentication method.
Override Default Authentication Method	When enabled, the adapter checks the Security Code Attribute Name defined below. If the user has a security code in the data store, the adapter passes it to Symantec, allowing the user to skip any prompts. If the user does not have a security code in the data store, the adapter falls back to the default authentication method.
Security Code Attribute Name	The name of the attribute in your data store that contains a user's Symantec VIP security code. The adapter checks this attribute when Override Default Authentication Method is enabled.
Suppress Add Credential	When selected, users are not shown the interface to register new credentials, such as phone numbers or email addresses. Important: If you are using this adapter instance in a password reset flow, select this check box. This prevents users from bypassing authentication by adding credentials during the password reset flow.
Push Request Timeout	Timeout for push requests, in seconds. The default value is 60.
Challenge Retries	The maximum number of times a user can try to authentication before authentication fails.
API URL Override	Overrides the API URL defined by the selected VIP Configuration Type.
Management API URL Override	Overrides the Management API URL defined by the selected VIP Configuration Type.
Query API URL Override	Overrides the Query API URL defined by the selected VIP Configuration Type.
VIP API URL Override	Overrides the VIP API URL defined by the selected VIP Configuration Type.