Versions Compared

Old Version 33

changes.mady.by.user Marcus Malmberg

Saved on

compared with

New Version Current

changes.mady.by.user Marcus Malmberg

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

The Dstny Analytics platform support two-factor authentication through the default methods e-mail (SMTP) and OTP (Authenticator apps such as Microsoft Authenticator or Google Authenticator). Additionally, SMS (twilio (SMS SaaS vendor)), and SMPP (smpp) methods are supported options.

The configuration is done through the standard property provider system. The 2FA can be configured on system-, reseller-, or customer level but not on the user level.
The system can and should have at least two providers set (not required). To disable 2FA completely, do not set any providers at all.

Property key

Valid values (bold=default)

Description

security.two_factor_authentication_required

true | false

Should the system enforce two factor authentication on system/reseller/customer level.

False means all the users can set up 2 factor authentication optionally from My account.

security.two_factor_authentication_scope

none | all| admin | system | system-admin

For who should the system enforce two factor authentication.

NOTE: This is only in use when [security.two_factor_authentication_required] is set to true.
Only one of the options below can be selected.

Options:
none = No users
all = All users
admin = All admin users (customer and system level)
system = All system level users (reseller managers, system manager and system administrators)
system-admin = All system administrators (not reseller manager and system managers)

security.two_factor_authentication_provider_types

email|otp|twilio|smpp

empty = no 2FA support

The enabled two factor authentication provider types delimited by |.

Options:
otp = Use OTP Authenticator apps
twilio = Use Twilios SMS service (see section below for required provider specific configuration)
email = Use the default SMTP for sending the 2FA verification code
smpp = SMPP server (see section below for required provider specific configuration).

Info

Note that the order is important, i.e. if both twilio and smpp is configures the first one will be used for SMS.

security.two_factor_authentication_valid_for_minutes

-1 | integer

The time between two factor authentication requests. I.e. if the user have previously logged in the within the last X minutes the 2fa step is skipped.
-1 will force 2FA on every login.

Configuration example using basic.config

...