Is it possible to have Two-factor (2FA) authentication enabled on Windows GUI with Indicium-basic as application server?
If so how do I setup this?
Best answer by Dick van den Brink
View original
Two-factor authentication on Windows GUI with Indicium-legacy
This topic has been closed for comments
Yes this is possible by configuring an email in Indicium Basic. To do this, add the following information to the appsettings.json of Indicium Basic.
// For using 2fa with email
"Email": {
"SmtpServer": "test",
"SmtpPort": 587,
"UseSSL": true,
"SmtpUsername": "[SMTP account username]",
"SmtpPassword": "[SMTP account password]",
"TwoFactorTokenTemplate": {
"FromEmail": "[from email]",
"FromDisplay": "[display name]",
"Title": "Your login code",
"Body": "Your login validation code is: <b>{twoFactorToken}</b>"
}
}
// For using 2fa with Twilio (sms)
"SMS": {
"Username": "[Account SID]",
"Password": "[Authorization Token]",
"FromPhoneNumber": "[Provider Phone Number]",
"DefaultTwoFactorTokenTemplate": "Your validation code is {twoFactorToken}.",
}When logging in with an IAM user which has the `Login verification` set to "Password and email” (or "Password and SMS” for SMS), the following prompt should show up.
After entering the code received in the email, the Windows GUI will start as usual.
Hopefully this helps.
There is some documentation here: https://docs.thinkwisesoftware.com/docs/deployment/indicium#email-two-factor-authentication, but it applies to Indicium Universal. So the appsettings.json as shown there won't work on Indicium Basic. We will also document the Universal Basic configuration.
+9
- Sidekick
- 33 replies
-
11 May 2022
Thank you for this information, i will try this and report back if this is a working solution
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.