Setting user authentication policies for a mobile device

IBM® Cognos® Mobile device user authentication policies define whether IBM Cognos Business Intelligence authentication credentials are cached on the mobile device and how often users must reenter these credentials. Users must enter their credentials at least once.

All IBM Cognos BI timeouts apply to the mobile device user. The device user authentication policies are on top of timeouts associated with IBM Cognos BI.

To simplify the authentication process for the user, the IBM Cognos administrator can allow credentials to be cached on the mobile device by using the setting Maximum number of hours to store cached credentials. The range of values for this setting, in hours, is 0 to 8760. The default value of 0 means that you do not want to store credentials on a device. For information about specifying this setting, see Configuring Cognos Mobile services.

The CAM (IBM Cognos security control mechanism) passport setting in IBM Cognos BI applies to all devices. When the passport setting limit expires, the user session ends. However, if the device authorization time limit exceeds the timeout that ended the session, the device authorization time limit remains in effect after the user session ends. Only when the device authentication time limit is reached, users need to reenter their credentials.

Procedure

Use the following procedure to set the timeout for the CAM passport.

  1. Open IBM Cognos Configuration on the computer where IBM Cognos Content Manager is installed.
  2. In the Explorer pane, click Explorer > Authentication.
  3. In the Properties pane, for Inactivity timeout in seconds, type the required value.

    For more information about IBM Cognos Configuration, see the IBM Cognos Business Intelligence Installation and Configuration Guide.

Parent topic: Cognos Mobile security