ProAuth Documentation

Appearance

Multi-factor authentication

A multi-factor authentication is an extra layer of security for ProAuth designed to ensure that you're the only person who can access your account, even if someone knows your password.

E-Mail

E-Mail TwoFactor Authentication is a security verification procedure, which is triggered through a user logging into a website, software or application. In the log-in process, the user is automatically sent an E-Mail containing a unique numeric code. This 'token-code' is then inputted by the individual, verifying themselves as the user logging into the online account.

Create new TwoFactor

Steps to create a new IDP:

  • Navigate to the ProAuth Admin UI and login with a user with in minimum is a SubscriptionAdmin
  • Navigate to TwoFactor Instances and click on Create TwoFactor Instance
  • Choose the IDP Type email
  • Enable the flag Active
  • Choose the proper Subscription
  • Click Save

Create Email TwoFactor

Configure new TwoFactor

After the creation of the TwoFactor instance in the step before, it's now necessary to configure the TwoFactor. Invalid TwoFactors aren't available in ProAuth.

Steps to complete the configuration of the TwoFactor:

  • Open the TwoFactor in the extended edit view
  • Configure the mandatory service options (details below)
  • In order for the TwoFactor instance to be applied, assign the TwoFactor to the required Tenants, IDPs, Client Applications or ProAuth Users

Edit Email TwoFactor

Configure mandatory Options, if they are not already provided by the ProAuth base service settings:

  • Set the EMailSenderAddress
  • Set the MailServerConfig

Edit Email Server settings

MailServerConfiguration sample data for SMTP Server:

json
{
    "MailType": "SMTP",
    "Host": "<smtp-host-address>",
    "Port": 465,
    "EnableSSL": true,
    "UserName": "<smtp-username>",
    "Password": "<smtp-password>",
    "Timeout": 20000
}

MailServerConfiguration sample data for Microsoft365:

json
{
    "MailType": "M365",
    "ClientId": "<aad-app-clientid>",
    "ClientSecret": "<aad-app-clientsecret>",
    "TenantId": "<aad-app-tenantid>",
    "UserId": "<aad-user-objectid>"
}

SMS

SMS TwoFactor Authentication is a security verification procedure, which is triggered through a user logging into a website, software or application. In the log-in process, the user is automatically sent an SMS to their mobile number containing a unique numeric code. This 'token-code' is then inputted by the individual, verifying themselves as the user logging into the online account.

Create new TwoFactor

Steps to create a new TwoFactor:

  • Navigate to the ProAuth Admin UI and login with a user with in minimum is a SubscriptionAdmin
  • Navigate to TwoFactor Instances and click on Create TwoFactor Instance
  • Choose the TwoFactor Type ecall
  • Enable the flag Active
  • Choose the proper Subscription
  • Click Save

Create eCall TwoFactor

Configure new TwoFactor

After the creation of the TwoFactor instance in the step before, it's now necessary to configure the TwoFactor. Invalid TwoFactors aren't available in ProAuth.

Steps to complete the configuration of the TwoFactor:

  • Open the TwoFactor in the extended edit view
  • Configure the mandatory service options (details below)
  • In order for the TwoFactor instance to be applied, assign the TwoFactor to the required Tenants, IDPs, Client Applications or ProAuth Users

Edit eCall TwoFactor

Configure mandatory Service Options:

  • Set the ECallAccountName
  • Set the ECallAccountPassword
  • Set the ECallAccountFromNumber

You can get the Service Option values from your eCall account.

Create new TwoFactor

Steps to create a new TwoFactor:

  • Navigate to the ProAuth Admin UI and login with a user with in minimum is a SubscriptionAdmin
  • Navigate to TwoFactor Instances and click on Create TwoFactor Instance
  • Choose the TwoFactor Type email
  • Enable the flag Active
  • Choose the proper Subscription
  • Click Save

Create Twilio TwoFactor

Configure new TwoFactor

After the creation of the TwoFactor instance in the step before, it's now necessary to configure the TwoFactor. Invalid TwoFactors aren't available in ProAuth.

Steps to complete the configuration of the TwoFactor:

  • Open the TwoFactor in the extended edit view
  • Configure the mandatory service options (details below)
  • In order for the TwoFactor instance to be applied, assign the TwoFactor to the required Tenants, IDPs, Client Applications or ProAuth Users

Edit Twilio TwoFactor

Configure mandatory Service Options:

  • Set the TwilioAccountSid
  • Set the TwilioAuthToken
  • Set the TwilioSmsFromNumber

You can get the Service Option values from your Twilio account.

FIDO

::: note Not yet supported :::