Home > User Interface > Configuration > Policy Configuration > Authentication Sources > External > Sponsor
|
Menu path: Configuration > Policies and Access Control > Authentication Sources > External > Sponsor.
In Sponsored Email authentication, a user fills in their identification and a company sponsor's email address. The sponsor receives an email to approve access. Registration is completed when the sponsor clicks on a link in the email. A sponsor authentication source is predefined in the set of external authentication sources. The fields in the Sponsored Email authentication source are:
| Field Name | Usage | Example |
|---|---|---|
| Name | The name of the authentication source. | sponsor |
| Description | A description of the purpose of the authentication source. | Sponsored registration |
| Allow Local Domain | All email addresses with any domain are allowed to perform email authentication unless this option is unchecked, in which case email addresses with a domain name that matches the domain associated with A3 will NOT be allowed. |
|
| Banned Domains | A comma-separated list of domains that are banned for email registration. Wild cards are allowed. Banned domains are checked before allowed domains. | *gmail.com |
| Allowed Domains | A comma-separated list of domains that are allowed for email registration. Wild cards are allowed. Banned domains are checked before allowed domains. | example.com |
| Email Activation Timeout | The delay given to the sponsor to respond to the email. | 30 minutes |
| Host in activation link | If used, the hostname used in the validation link will be replaced. Note: if this field is used, then the haproxy service must be restarted via the Status>Services page. | |
| Sponsorship BCC | If specified, a copy of the approval email are sent to a comma-separated list of email addresses. | front-desk@example.com |
| Sponsor Validation | If checked, the sponsor must authenticate in the CWP when validating a guest request. | |
| Create Local Account | If checked, when a user completes an email authentication a local A3 account will be created for the user if one does not already exist. | |
| Password Hashing Method | The algorithm used to hash passwords in the database. Only new or reset passwords are affected. One of Bcrypt, Plaintext, or NTLM. | |
| Password Length | The length of generated passwords. | |
| Number of Logins for the Local Account | If Create Local Account is enabled, then this field designates the number of times that the user can login. A value of 0 means an infinite number of times. | 0 |
| Authentication Rules | Indicates the actions to be performed when the authentication is satisfied. Authentication rules are covered in detail in Authentication Rules. | catchall |
Note
When advised to restart any A3 service, the administrative interface for each cluster member must be used individually to perform the operation. Perform the operation on each member one at a time, waiting for the service(s) to completely restart.Copyright © 2021 Extreme Networks. All rights reserved. Published April 2021.