The Airlock 2FA Authenticator plugin can be used in various ways during the authentication process. The following step-by-step procedure shows how it is typically used in a two-factor authentication process using the Main Authenticator plugin.
Prerequisites
- A basic IAM configuration including authentication for the Loginapp (JSP) must exist.
- The basic Airlock 2FA settings exist.
Instruction
- Go to the Main Authenticator's second step plugin:
- Add a new Authentication Method Identifier Mapping using the following values:
- Identifier: Airlock 2FA Authentication Mapping
- Auth Method Identifier: choose AIRLOCK_2FA
- Authenticator: Airlock 2FA Authenticator (create new plugin if required)
- Verify Airlock 2FA Authenticator and connect Airlock 2FA Settings (see Basic configuration settings) and/or a specific User Persister if required.
- Activate the configuration.
- Airlock 2FA is now available as a second authentication factor.
MAIN SETTINGS >> Main Authenticator >> Second
or
Loginapp >> Authentication Settings >> Authenticator >> Second
How to verify
In order to test Airlock 2FA as a second authentication factor, consider the following regarding the user you intend to test with:
- The user must be able to log in with a username and password. This requires a valid account with a password.
- In the Adminapp: Assign Airlock 2FA as the active authentication method.
- At least one Airlock 2FA token must be enrolled for the user.
- The Airlock 2FA app must be installed on a smartphone.