Basic configuration settings

This page describes how to configure the Airlock 2FA Settings plugin. It configures the central aspects of Airlock 2FA across various parts of Airlock IAM (e.g. authentication, self-services, administration, transaction approval).

• It specifies the following settings:
• Connection to Futurae cloud
• Connection to Airlock IAM database
• How to encrypt data in the Airlock IAM database
• Authentication factors that may be used

• An Airlock 2FA subscription is required.

• An Airlock 2FA Service ID, an Auth API Key, and an Admin API Key is required. It will be obtained together with the subscription.

• The database schema of Airlock IAM needs to be up to date with IAM 7.7.

Zero-Touch factor no longer supported

Airlock IAM does no longer support Zero-Touch authentication because up-to-date smartphone operating systems restrictions prevent its usage.

The feature has been removed from the Airlock 2FA app but is still configurable in IAM version 7.5 and older.

1. Go to:

Any Airlock 2FA plugin and navigate to the Airlock 2FA Settings.

or

Create a new plugin of type Airlock 2FA Settings.

2. Configure or connect the Airlock 2FA Database Repository
3. Configure or connect the Futurae Server plugin: It specifies how to connect to the Futurae cloud and what service ID to use.
4. The Authentication Settings section lists allowed second factors.
• Uncheck the corresponding checkboxes to limit the factor usage (i.e. disable Zero-Touch).
• Check Offline QR code to support hardware tokens.
5. The Airlock 2FA Settings are now complete and ready to be used in various other plugins.

• Airlock 2FA configuration hints
• Sensitive configuration values (config secrets)