Step-up authentication: Overview

Step-up authentication is an additional level of authentication that can be applied to user actions that have been defined as privileged. Privileged means an action is highly sensitive and requires an additional level of authentication even after general system authentication has been achieved.

When step-up authentication has been configured for a user action, a user must submit additional authentication, typically through a code that is sent to their phone, when attempting to perform the privileged action. This is true even if the customer already requires multi-factor authentication (MFA) for general system access.

Privileged authentication can be configured for these actions:

Create: Any valid create action available in a form or list.
Update: Any valid update action available in a form or list.
Delete: Any valid delete action available in a list.

Privileged authentication cannot be configured for: Standard open or double-click to open actions that are not available in lists.

Note: MFA technology, available through Infor OS, provides the framework for Landmark step-up authentication. This happens behind-the-scenes when the customer enables step-up authentication. Configuration on the Infor OS side is not required.