Skip to main content
Version: 8.2411.x.x RR

Unit policy

credentialTypes

  • Data type: int, comma-separated list surrounded by square brackets.
  • Default: none

A comma-separated list of credential type IDs (for possible values see below) surrounded by square brackets, no spaces allowed. Only credentials of the enumerated types can be created for users of the corresponding units.

  • If a user has more than one profile, the unit policy of the default profile's unit is taken.
  • If a unit has no unit policy assigned, the default unit policy of the client is taken.

The available credential types can be defined in the client policy as well. In this case, all credential types defined in the unit policies have to be defined in the client policy as well.

Possible values:

type IDCredential type
1Password
2Certificate
3SecurID
4Ticket
5Safeword
6OTP
8Temporary strong password
9Generic credential
10Kerberos
11mTAN
12Vasco Digipass token
13PUK
14URL ticket
15Device password
16Mobile signature
17SAML federation
18Security question
19Context password
20OATH
21FIDO UAF
22Recovery code
23FIDO 2

Examples:

  • credentialTypes=[1,2] : only passwords and certificates available
  • credentialTypes=[] : no credential types available
  • credentialTypes= : all credential types available
  • credentialTypes not defined: all credential types available