Hanzo
PlatformHanzo IAMRADIUS

Overview

Run Hanzo IAM as a RADIUS server for network access and accounting.

Hanzo IAM can act as a RADIUS server. RADIUS clients (e.g. a NAS or any host with RADIUS client software) send authentication and accounting requests to Hanzo IAM.

Configuration

In conf/app.conf set the RADIUS port and shared secret:

radiusServerPort = 1812
radiusSecret = "secret"

Then start Hanzo IAM; the RADIUS server will listen on the configured port.

Supported messages

  • Access-Request — The client sends an auth request; Hanzo IAM accepts or rejects based on the user and replies with Access-Accept or Access-Reject.
  • Accounting-Request — The client sends start/interim/stop accounting; Hanzo IAM records it and replies with Accounting-Response.

radius flow

Users in Hanzo IAM belong to an organization. Set the RADIUS request’s Class attribute to the user’s organization name so Hanzo IAM can resolve the user correctly.

set organization in request

How is this guide?

Last updated on

LDAP server

Use Hanzo IAM as an LDAP server for bind and search.

Overview

Provision and manage users in Hanzo IAM via the SCIM 2.0 API.

On this page

Configuration
Supported messages