How to set-up 2FA Authentication

This section helps admin to set-up two factor authentication flow for the end users.

1. Use Case

• Admin able to configure the 2FA authentication flow.

• Users should be able to login by using the configured 2FA flow.

1. Prerequisites

• User need to present in realm where 2FA is configured

  • Push Notification

• If Push is the second factor, users need to install the ZTrust authenticator application in mobile device and that device needs to be configured as a primary device and rabbit-mq keys need to be configured at the authentication tab.

  • Phone OTP

• If phone OTP is the second factor, in user details phone numbers need to be configured and message bird keys need to be configured in the authentication tab.

  • NFC

• NFC as a second factor, users need to install the ZTrust authenticator application in mobile device and user RFID card need to be configured with that user details.

  • TOTP

• TOTP as a second factor, user need to install the ZTrust authenticator application in mobile device.

  • Biometric

• Biometric as a second factor, user need to register his/her biometric details previously.

1. Configuration

• For 2FA authentication, authentication flow needs to be configured. For that take a copy of browser flow from the authentication tab.

• After successful, delete below fields from the newly created flow

• From 2FA Authentication forms create an sub flow like below
• After creating the sub flow click on + button and Add step to choose the 2FA feature
• After clicking on Add step below form will appear, select one here choosing push notification as an 2FA
• Push notification added as a 2FA
• At last set this flow as a browser flow like below

Here push notification is added as a 2FA, and can add any one of these features like Biometric, TOTP, Phone OTP, NFC.