Create and use Authentication Policies in Ziti Console

dmuensterer · November 20, 2022, 9:45pm

Hi, is there a way to create Authentication Policies in Ziti Console?
As per https://openziti.github.io/docs/core-concepts/security/authentication/auth/#primary-authentication one should be able to define an authentication policy for identities.

An Identity can have one Authentication Policies associated with it.

However I couldn't find any possibility to set it up in Ziti Console.

Another non-related question, if you allow:
Is there a way to "comfortably" use Yubikeys to store the certificate? By comfortable I mean to use a Yubikey without using the CLI and ziti-tunneler but instead use Ziti Desktop Edge.
I'd love that feature!

TheLumberjack · November 20, 2022, 9:52pm

I don’t think authentication policies are exposed in ZAC yet. Using Yubikeys/PKCS11 is supported but the ergonomics around using it is by no means “comfortable”, no. It’s been a feature we have discussed enabling more ergonomically/easily it’s just not been a focus yet. We’ll get there at some point, but it’s not on anyone’s radar just yet.

I’ll go file a ZAC issue for enabling auth policies. ZAC will likely be getting some more work done to it in the coming months but for now, it’ll have to be CLI (or REST API)

Topic		Replies	Views
ZAC auth with jwt's or seperate username/password store	5	24	September 25, 2024
Unable to add auth policy to ZAC Ziti Administration Console	7	166	April 10, 2023
Ziti cli user question General Questions	1	356	August 25, 2022
New ZAC Features Ziti Administration Console	6	96	June 25, 2024
OIDC Authentication / SSO Ziti Administration Console	1	254	July 3, 2023

Create and use Authentication Policies in Ziti Console

Related Topics