3.7.0

Navigate through spaces

CtrlK

Reference Guide

Kron PAM Administration

User Management

Device Management

Policy Management

Approval Management

Session Manager

Multi-Factor Authentication

Sending the MFA QR Code to Users

Creating a Connection Between Kron PAM and the Kron PAM Mobile Client Application

Enabling Multi-Factor Authentication (MFA)

Using MFA to Log in to the Kron PAM Web GUI

Using MFA to Log in to the Kron PAM Desktop Client

Using MFA for SSH Connections

Using MFA for RDP Connections

Using MFA for SSH Proxy

Using MFA for HTTP/HTTPS Proxy

Using MFA for SFTP Proxy

Using MFA for TACACS+ Manager

Using MFA for Radius

Using MFA for Kron PAM Mobile Client Application

Offline Mode Settings

Using SMS for MFA

Using Email for MFA

User Token Management

Using Hardware Tokens for MFA

Using Authentication Key (FIDO Key) for MFA

Using Keystroke to User Behavior Analytics

MFA Configurations for VPN Services

External MFA Providers

Okta MFA Integration

Cisco Duo MFA Integration

SecTrail MFA Integration

AuthTake MFA Integration

Unified Access Manager

Data Access Manager

Cloud Infrastructure Entitlement Management (CIEM)

Privileged Task Automation

Kron PAM Reporting and Logging Functions

Monitoring & Alarms

High Availability

Failover Scenario

DevOps Integration

Kron PAM Remote Access

APPENDIX 1: System Config Manager Parameters

APPENDIX 2: Job Descriptions for Job Scheduler

Docs powered by Archbee

Reference Guide

...

Multi-Factor Authentication

External MFA Providers

AuthTake MFA Integration

For integration with AuthTake, Kron PAM supports MFA token verification through an API-based configuration. This enables enterprises to use AuthTake for secure authentication in various contexts, including Kron PAM’s Web GUI logins and Privileged Session Manager connections.
Users must have an account in AuthTake with corresponding credentials (e.g., username and authentication PIN).
API keys and application codes must be configured as described below.
Configuration Steps:
Navigate to Administration > System Configuration Manager
To integrate AuthTake as an external MFA provider, the following parameters need to be set in the System Configuration Manager:
mfa.provider: authTake (default: internal)
mfa.external.provider.authTake.appCode: <application code> (encrypted/plain text)
mfa.external.provider.authTake.apiKey: <API key> (encrypted/plain text)
mfa.external.provider.authTake.otpValidUrl: <AuthTake OTP validation endpoint URL>

SecTrail MFA Integration

Unified Access Manager

Docs powered by Archbee

Docs powered by Archbee