7.3 Configuring MobileAccess

After you have created appmarks, you must configure MobileAccess to enable users to register their mobile devices through the MobileAccess app (iOS or Android). Users can access the appmarks through a browser on a desktop or a mobile device without enabling MobileAccess.

NOTE:MobileAccess communicates only over an HTTPS connection. MobileAccess does not work with HTTP.

To configure MobileAccess:

  1. Log in as an administrator to Administration Console.

  2. In Administration Console Dashboard under Administration Tasks, click MobileAccess.

  3. Select the IDP cluster that contains the appmarks you want to enable for the MobileAccess app.

  4. Select Enable MobileAccess to enable users to register their devices if they have the MobileAccess apps installed.

  5. In the Device display name field, specify your company name. This name appears in the bar at the top of the MobileAccess app window on users’ mobile devices.

  6. In the Roles field, select the roles that users must be able to register their devices through the MobileAccess app.

    If you do not select a role, all users can register their devices through the MobileAccess app. If you add a role, only users with that role can register their devices through the MobileAccess app. If you add multiple roles, users in any of those roles can register their devices through the MobileAccess app. For example, if you add Sales and Managers, the users must be in Sales or Managers, not Sales and Managers, to register their devices through the MobileAccess app.

  7. In the Mobile device registration contract field, select the contract that users will see to register their devices through the MobileAccess apps. You can select any contracts listed. However, not all Access Manager Appliance contracts work with mobile devices.

    IMPORTANT:Ensure that the contract you select works with mobile devices. In general, any basic authentication or certificate contracts do not work on mobile devices.

  8. In the Methods satisfied by mobile authentication field, select the authentication methods that are satisfied after users have successfully registered a mobile device.

  9. In the Password Prompt field, select how long users can continue to use an authenticated password on mobile devices before re-authentication is required.

  10. In the PIN Prompt field, select whether users must set a PIN for the MobileAccess app on their mobile devices, and whether they must re-enter the PIN after a period of inactivity. You can change this requirement at anytime. For more information, see Section 7.6, Understanding the MobileAccess PIN.

  11. Click Save.

  12. Repeat the procedure for each IDP cluster that contains appmarks.