We have a requirement to enable risk-based authentication without SiteMinder authentication for a single page application.

When user clicks the single app URL, Riskminder should evaluate the user/device info and challenge MFA based on risk evaluation for the transaction.

Could someone please suggest, how we can implement this requirement with only Riskminder component?

Release : 9.1

Component :RiskMinder(Arcot RiskFort)

Riskminder provides multiple ways to integrate the Risk solution in existing application or develop an application using RiskMinder product.

1. Use the Riskminder SDK in your application or develop the application using the Risk SDK.
2. Use the Soap Webservices provided by Riskminder product to use in your existing application.
3. Use the Rest API provided by Riskminder in your application.

Please note that you need to take action once the Risk evaluation is done as Riskminder will provide the score and Advise and the calling application need to decide and implement the step-up authentication methods.

Here is the document link for Rest API implementation. Other methods described above are also available and can be looked into the documentation.

CA Risk Authentication REST API