2FA or MFA support within Service Management
Article ID: 124853
Updated On:
Products
Issue/Introduction
We wish to implement two factor authentication (2FA), also known as MFA (Multi-Factor Authentication) for our users.
Does CA Service Desk Manager/ITSM support OAuth 2.0?
Can it support authentication using Office 365 or Azure Active Directory?
Environment
Component: CA Service Management - 17.x
Resolution
No current version of CA Service Desk Manager/ITSM has two factor authentication (2FA) built in to the web client interface.
A third party load balancer, such as an F5 hardware load balancer, can provide the two factor authentication out front, and then pass through to the normal CA SDM authentication channels. This external load balancer configuration is out of scope for CA Support to advise on.
You may build two factor authentication interfaces onto the front end of Web Services if that is required - it is not out of the box though.
Note that many users would prefer that Single Sign On (SSO) as the standard authentication channel for the ease of use.
Good security can be maintained via the use of TLS.
CA SDM/ITSM supports SSO and TLS.
Configuring Single-Sign-On (SSO) for Internet Information Server (IIS) 8.0 and CA Service Desk Manager (CA SDM) r12.9/14.1/17.x
How to Enable TLS 1.2 with CA EEM 12.6
CA Advanced Authentication provides two factor authentication for CA products, but there are no explicit references to CA SDM/ITSM in that product documentation. At the time of this knowledge document, it is unclear if it provides any solution for CA SDM.
Active Directory is supported for CA SDM as an authentication method.
You would configure "External Authentication" to point to this source:
SAML authentication through Azure is also available as an option. One could implement MFA in conjunction with Azure
Additional Information
CA Documentation
Enable SAML Authentication for CA SDM
Single Sign On (SSO) works for some CA Service Desk Manager (CA SDM) users, but does not for others
General Documentation on OAuth
OAuth
OAuth 2.0
What is OAuth? How the open authorization framework works
General Azure Documentation
Azure Active Directory - Home page
General 2FA/Multi-Factor Authentication Documentation
Feedback
