Skip to main content
Solved

Two-factor authentication on Windows GUI with Indicium-legacy

E
Sidekick
Forum|alt.badge.img+9

Is it possible to have Two-factor (2FA) authentication enabled on Windows GUI with Indicium-basic as application server?

If so how do I setup this?

Best answer by Dick van den Brink

Yes this is possible by configuring an email in Indicium Basic. To do this, add the following information to the appsettings.json of Indicium Basic.

// For using 2fa with email
  "Email": {
    "SmtpServer": "test",
    "SmtpPort": 587,
    "UseSSL": true,
    "SmtpUsername": "[SMTP account username]",
    "SmtpPassword": "[SMTP account password]",

    "TwoFactorTokenTemplate": {
      "FromEmail": "[from email]",
      "FromDisplay": "[display name]",
      "Title": "Your login code",
      "Body": "Your login validation code is: <b>{twoFactorToken}</b>"
    }
  }
// For using 2fa with Twilio (sms)
  "SMS": {
    "Username": "[Account SID]",
    "Password": "[Authorization Token]",
    "FromPhoneNumber": "[Provider Phone Number]",
    "DefaultTwoFactorTokenTemplate": "Your validation code is {twoFactorToken}.",
  }

When logging in with an IAM user which has the `Login verification` set to "Password and email” (or "Password and SMS” for SMS), the following prompt should show up.

 

 

After entering the code received in the email, the Windows GUI will start as usual.

Hopefully this helps.

There is some documentation here: https://docs.thinkwisesoftware.com/docs/deployment/indicium#email-two-factor-authentication, but it applies to Indicium Universal. So the appsettings.json as shown there won't work on Indicium Basic. We will also document the Universal Basic configuration.

 

View original
Did this topic help you find an answer to your question?
This topic has been closed for comments

2 replies

D
Moderator
Forum|alt.badge.img+3

Yes this is possible by configuring an email in Indicium Basic. To do this, add the following information to the appsettings.json of Indicium Basic.

// For using 2fa with email
  "Email": {
    "SmtpServer": "test",
    "SmtpPort": 587,
    "UseSSL": true,
    "SmtpUsername": "[SMTP account username]",
    "SmtpPassword": "[SMTP account password]",

    "TwoFactorTokenTemplate": {
      "FromEmail": "[from email]",
      "FromDisplay": "[display name]",
      "Title": "Your login code",
      "Body": "Your login validation code is: <b>{twoFactorToken}</b>"
    }
  }
// For using 2fa with Twilio (sms)
  "SMS": {
    "Username": "[Account SID]",
    "Password": "[Authorization Token]",
    "FromPhoneNumber": "[Provider Phone Number]",
    "DefaultTwoFactorTokenTemplate": "Your validation code is {twoFactorToken}.",
  }

When logging in with an IAM user which has the `Login verification` set to "Password and email” (or "Password and SMS” for SMS), the following prompt should show up.

 

 

After entering the code received in the email, the Windows GUI will start as usual.

Hopefully this helps.

There is some documentation here: https://docs.thinkwisesoftware.com/docs/deployment/indicium#email-two-factor-authentication, but it applies to Indicium Universal. So the appsettings.json as shown there won't work on Indicium Basic. We will also document the Universal Basic configuration.

 

E
Sidekick
Forum|alt.badge.img+9
  • efitskieSidekick
  • Author
  • Sidekick
  • 35 replies
  • May 11, 2022

Thank you for this information, i will try this and report back if this is a working solution

Terms & ConditionsCookie settings

Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

 
Cookie settings