19.1. RADIUS server

The RADIUS server exposes a limited set of Airlock IAM's authentication capabilities over the RADIUS protocol.

The RADIUS protocol is typically used by access gateways, VPN servers, and alike.

The nature of the RADIUS protocol limits the set of possible features.

In general, authentication schemes that involve non-text challenges (such as QR codes or client certificates) cannot be used via RADIUS.

Usage examples

  • Username and password authentication
  • 2-factor authentication using Airlock 2FA One-Touch or Passcode, mTAN, OTP, or matrix cards.
  • Mandatory password change within the authentication process.
  • Basic role-based access control.

Configuration hints

  • The RADIUS server is configured in
    Service Container >> Services >> RADIUS Server Config >> Service.
  • Not all Authenticator plugins that can be configured will work with RADIUS.

  • One or more RADIUS servers can be configured.
  • The service-container module needs to be enabled in the instance configuration settings (see 8.1. Application parameters).