OS4X Enterprise Webaccess multi-factor authentication

From OS4X
Revision as of 09:37, 14 November 2023 by Admin (talk | contribs) (Created page with "= Purpose = In cirital environments, having users to authenticate to use OS4X Webaccess is often required to support additional means of identification. OS4X Webaccess multi-f...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Purpose

In cirital environments, having users to authenticate to use OS4X Webaccess is often required to support additional means of identification. OS4X Webaccess multi-factor authentication is a functionality to support this requirement. Authenticated users then must:

  1. provide a valid username and password
  2. must have access to their user email inbox, where a dynamically created token is sent to

Configuration

OS4X Webaccess MFA contains of several configuration parameters.

Global configuration

The global configuration is located in "Configuration" -> "OS4X Enterprise" -> "Webaccess" -> "Multi-factor user authentication".

Bildschirmfoto 2023-11-14 um 10.30.16.png

  • Multi-factor authentication mail template: A mail text template (which is automatically created for updated OS4X installations) containing HTML code for the email. The variable "$MFA_TOKEN" will be replaced during template rendering.
  • Mail subject: Subject of the sent email to the user, encoded as UTF-8 mail subject (so special characters can be added here as well). If unconfigured or empty, the subject text "OS4X 2FA" is being used.
  • Mail sender address: Sender of the email, given in the mail header. If unconfigured, the value "OS4X <os4x>" is used.
  • Sendmail command: command which is being executed for emailing. If unconfigured, the system's default "sendmail" command is used.

User configuration

Retrieved from "https://wiki.os4x.com/index.php?title=OS4X_Enterprise_Webaccess_multi-factor_authentication&oldid=3708"