Token management self-service

The Airlock IAM Loginapp provides self-service features that allow logged-in users to manage their own Airlock 2FA app devices.

It provides the following features:

  • View Airlock 2FA devices.
  • Change the display name of the devices.
  • Remove devices.
  • Add new devices.

The features are provided both as REST API and in the Loginapp UI (single-page login application).

The Airlock 2FA token management self-service offers security-critical services to the end-user. This is especially true for the service to add new app devices.

Make sure that the IAM configuration guarantees that:

  • the self-service is only accessible after strong user authentication.
  • that unused services are disabled in the configuration.

Example screenshots