SMTP authentication method - SSO

SMTP authentication method uses a one-time password sent by email for authenticating the end user. There are two versions of SMTP authentication method, registered and unregistered. For the registered SMTP method user needs to be authenticated previously either by providing a username and password, or using a SAML or OpenID Connect method with Directory User Mapping. For the unregistered SMTP method user enters their email address.

Registered

When a user attempts to access a resource protected by Ubisecure:

The user authenticates by providing a username and password (or by using a previous factor SAML or OpenID Connect method with Directory User Mapping, see Multi-factor Authentication with Directory User Mapping).
An email is sent to the user, containing a one-time password
The user enters the one-time-password and presses next
Authorization is performed according to the configuration of the Ubisecure SSO Server and the user is redirected to the target application and granted access if permitted

The user's email is retrieved from the user account stored in the local Ubisecure Directory or in an external directory (AD, LDAP or SQL).

Unregistered

When a user attempts to access a resource protected by Ubisecure:

The user enters an email address and presses Sign In
An email is sent to the user, containing a one-time password
The user enters the one-time-password in the login window and presses Sign In
Authorization is performed according to the configuration of the Ubisecure SSO Server and the user is redirected to the target application and granted access if permitted

Unregistered Multi-Factor Authentication

Unregistered SMTP can also be used as the next factor method for OpenID Connect or SAML method.

Unregistered Multi-factor Authentication - SSO

Installation

See Installing SMTP authentication method - SSO

Identity Server 2023.2

SMTP authentication method - SSO

Registered

Unregistered

Unregistered Multi-Factor Authentication

Installation

Related Documentation