Create and use Authentication Policies in Ziti Console

Hi, is there a way to create Authentication Policies in Ziti Console?
As per Authentication | OpenZiti one should be able to define an authentication policy for identities.

An Identity can have one Authentication Policies associated with it.

However I couldn’t find any possibility to set it up in Ziti Console.

Another non-related question, if you allow:
Is there a way to “comfortably” use Yubikeys to store the certificate? By comfortable I mean to use a Yubikey without using the CLI and ziti-tunneler but instead use Ziti Desktop Edge.
I’d love that feature!

I don’t think authentication policies are exposed in ZAC yet. Using Yubikeys/PKCS11 is supported but the ergonomics around using it is by no means “comfortable”, no. It’s been a feature we have discussed enabling more ergonomically/easily it’s just not been a focus yet. We’ll get there at some point, but it’s not on anyone’s radar just yet.

I’ll go file a ZAC issue for enabling auth policies. ZAC will likely be getting some more work done to it in the coming months but for now, it’ll have to be CLI (or REST API)

1 Like