Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

Unregistered Multi-factor Authentication (umfa) is about being possible to require Unregistered SMTP OTP or Unregistered SMS OTP as the second factor authentication method for unregistered users returned from a SAML or an OpenID Connect method.

Configuration

  1. Create the first factor method

    1. SAML

    2. OpenID Connect

  2. Create the second factor method

    1. Unregistered SMTP OTP

    2. Unregistered SMS OTP

  3. While not required, it’s useful to verify at this point that both work individually without the umfa configuration.

  4. To enable the second factor method to be used in multi-factor authentication, set following configuration string for the second factor method: mfa true

    1. PUT /method/unregistered.smtp
      configuration:mfa true

  5. To chain the second factor method after the first factor method, set the second factor method as the nextFactor method for the first factor method.

    1. PUT /method/oidc.1/$link/nextFactor/method/unregistered.smtp

  • No labels

Ubisecure Privacy Policy & Cookie Statement