The Airlock 2FA Authenticator plugin can be used in various ways during the authentication process. The following step-by-step procedure shows how it is typically used in a two-factor authentication process using the Main Authenticator plugin.
Prerequisites
- ●A basic IAM configuration including authentication for the Loginapp (JSP) must exist.
- ●The basic Airlock 2FA settings exist.
Instruction
- 1.Go to the Main Authenticator's second step plugin:
- 2.Add a new Authentication Method Identifier Mapping using the following values:
- ●Identifier: Airlock 2FA Authentication Mapping
- ●Auth Method Identifier: choose AIRLOCK_2FA
- ●Authenticator: Airlock 2FA Authenticator (create new plugin if required)
- 3.Verify Airlock 2FA Authenticator and connect Airlock 2FA Settings (see 10.2.2.6.2. Basic configuration settings) and/or a specific User Persister if required.
- 4.Activate the configuration.
- Airlock 2FA is now available as a second authentication factor.
MAIN SETTINGS >> Main Authenticator >> Second
or
Loginapp >> Authentication Settings >> Authenticator >> Second
How to verify
In order to test Airlock 2FA as a second authentication factor, consider the following regarding the user you intend to test with:
- ●The user must be able to log in with a username and password. This requires a valid account with a password.
- ●In the Adminapp: Assign Airlock 2FA as the active authentication method.
- ●At least one Airlock 2FA token must be enrolled for the user.
- ●The Airlock 2FA app must be installed on a smartphone.