Configure the Default Authentication policies for your tenant

By default, Aurora Endpoint Security has three tenant authentication policies that are used to manage the types of authentication that administrators must complete to sign in to the Endpoint Defense console. The tenant policies are applied when no app exception or authentication policy is assigned to the user for the console or the app that they are trying to access.

Administration Console: The Administration Console policy uses the Endpoint Defense console password as the default authenticator. For tenants created after March 2024, this policy uses the Endpoint Defense console password and One-Time Password as the default authenticators. It is used for authentication to the Aurora Endpoint Security management console.

You can edit the policies to add other types of authentication that users must complete in the order that you specify in the policy. For example, if you add One-Time Password after the Enterprise authenticator, users enter their work or myAccount credentials before they receive a one-time password prompt.

Add an authenticator.
  1. On the menu bar, click Settings > Authentication > Default Authentication.
  2. Click the policy that you want to edit.
  3. In the App Authentication section, click Add Authenticator.
  4. In the Add authenticator dialog, select an authenticator from the list, and then click Add.
    Repeat this step to add more authenticators to the policy. Users must complete the types of authentication in the order that you specify. To change the order, click Set Order, drag the authenticators to the order that you want and click Set Order again.
    Note: If you add One-Time Password as an authenticator, it must be set after the enterprise password.
  5. Click Save.
If you added authenticators to a default policy, you can click Revert to Default Method on the policy list page to restore the default setting.