We are trying to implement NetIQ Access Manager TOTP functionality, we
already did it but our Customer give us one scenario that make sense but
we couldn´t solve it with the tools that we have out of the box or maybe
we don´t how to do it.

The user access to a private resource (My portal) with Secure Name and
password form, so the user navigate and if he needs to “change his
profile” info he needs to provide his TOPT token (this works perfect,
access manager ask for token and let him enter to change profile link)
after the user change profile the user navigate to other link “add
payment” he needs to provide TOTP again. User have to provide TOTP token
any time that he access to a private resource with this contract .

We set the contract to specifics resources but If user already provide
token, NAM never ask for it until session expires, we configure 5 min to
time out and if the user is timed out we get the TOPT screen but the
user can switch or navigate between resource before the time out expires
, we are wondering if there is a way to ask for TOPT every time that
need access to a private resource with this contract, there is some way
to set less than 5 min for session time out?? Did you face some scenario
like this?

We tried to set RISK Policies to do it but we are getting this error
“200104403” and it’s about Geolocalization server but we did not
configure any geolocalization rule…

eguerreros's Profile: https://forums.netiq.com/member.php?userid=9205
View this thread: https://forums.netiq.com/showthread.php?t=54228