search cancel

VIP does not honor the Credentials policy if the account policy is more restrictive (VIP Authentication Services 2019.May.1)

book

Article ID: 174802

calendar_today

Updated On:

Products

VIP Authentication Service

Issue/Introduction

If a credential type is allowed by the account policy but not allowed for a user group by the Credentials policy, VIP correctly honors the Credentials policy. A user in that group cannot register that credential type.

However, if a credential type is not allowed by the account policy but allowed for a user group by the Credentials policy, VIP does not honor the Credentials policy. A user in that group is unable to register that credential type, even though the Credentials policy allows it.

Resolution

There is no workaround for this issue.