Device registration allows a user to flag the computer, PDA, mobile phone, or other devices he is logging in with as a safe device.
The device is added to the user's profile as a registered device.
Enabling Device Registration in Native Integration
In native integration, to enable device registration:
Set bharosa.tracker.send.devideId
to true, so the device ID can be captured.
Call these APIs directly:
Enabling Device Registration Out-of-the-Box
In Oracle Adaptive Access Manager out-of-the-box, to enable device registration for all applications:
Add the following properties to bharosa_server.properties
:
# Adds device registration to the challenge question registration page bharosa.uio.default.register.questions.registerdevice.enabled=true # Adds device registration to the Contact Information registration page bharosa.uio.default.register.userinfo.registerdevice.enabled=true # Enables device registration bharosa.uio.default.registerdevice.enabled=true # Enables user to be able to unregister current device in user preferences bharosa.uio.default.userpreferences.unregister.this.enabled=true # Enables user to be able to unregister all devices in user preferences bharosa.uio.default.userpreferences.unregister.all.enabled=true
To enable the features on an application-specific bases, "default" can be replaced with the appropriate appId in each of the prior property names.
Follow the instructions in Chapter 12, "Customizing Oracle Adaptive Access Manager" to add the customizations to Oracle Adaptive Access Manager.
Create Policies to Use Device Information
Once the feature is enabled, information about the device is collected for that user. If you want to make use of the information you are collecting, you must create policies and configure them properly. For example, you can create a policy with rules to challenge a user that is not logging in from one of the registered devices.
A customer reset action to unregister all devices for a user is available in CSR type cases. The "Unregister Devices" action will delete all registered devices from the user's profile.