Configure a Generic API external risk engine

Configure a Generic API external risk engine to support the IDaaS API or you need to develop an intermediate proxy server to convert between the IDaaS API and the external risk engine API.

Before you begin, ensure that you know the credentials for your external risk provider.

Configure a Generic API external risk engine

1.      Click > Configuration > External Risk Engines. The External Risk Engines page appears.

2.      Click Add and then select the Generic API from the drop-down list. The Add External Risk Engine page appears.

3.      Enter a Name field for the external risk engine.

4.      Select Enabled to enable the external risk engine.

Note: You can also enable or disable the external risk engine after you add it from the External Risk Engines page.

5.      Enter the external risk engine credentials, for example the Username/Identifier and Password.

6.      Under Attributes, do the following:

a.      Enter the URL.

b.      Enter the External Risk Provider.

a.      Enter the Company ID provided to you by the external risk engine.

b.      Enter the Token Expiration for the token used by the external search engine.

c.      Select Fail evaluation when identities do not match if the user session and the user do not match.

Note: For a Generic API external risk engine, you must define the base URL where you will deploy your REST service and the risk provider identifier (for example, biocatch). For more information, see the Generic API External Risk Engine Integration Guide.

7.      Optional. Add Rules as follows:

a.      Click Add. The Add Rule dialog box appears.

b.      Enter a Name for the rule that defines the risk factor.

c.      Select the Risk Item from the drop-down list. There are two options:

–  Risk: The risk score returned by the external risk provider.

–  serviceStatus: This item is available for all external risk engines integrated with IDaaS. It can be used to decide what the system should do when the external risk engine is not available.

To use this item, create a rule with serviceStatus EQUALS FAILURE. This rule can then be used in a resource rule in combination with other rules. If the evaluation of the external risk engine is critical to grant access to an application, you can give enough risk points to this rule so that risk score is reached, and the evaluation moves into the High Risk scenario.

See your external risk engine documentation for a description of other risk items.

d.      Select the required Operator from the drop-down list.

e.      Add a value in the Value text box.

f.        Optional. To add more rules to the rule, do the following:

i)         Click Add Group.

i)        Select the AND or OR operator for each added group expression.

ii)      Select the Risk Item from the drop-down list.

iii)     Select the required Operator from the drop-down list.

iv)     Add a value in the Value text box.

g.      Click Add.

h.      Repeat these steps to add more external risk engine rules.

8.      Click Save to save the external risk engine and return to the External Risk Engines page.