Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

From the October release 2020 Meridix support two factor authentication through e-mail (SMTP) or SMS (twilio or SMPP).

The following providers are available: twilio and email and the configuration is done through the standard property provider system. The 2FA can be configured on system, reseller or customer level but not on the user level.

Property key

Valid values (bold=default)

Description

security.two_factor_authentication_enabled

true | false

Should the system enforce two factor authentication

security.two_factor_authentication_scope

all | admin | system

For who should the system enforce two factor authentication. Options: all | admin | system.

all = All users
admin = All admin users (customer and system level)
system = All system level users (reseller managers, system manager and system administrators)

security.two_factor_authentication_provider_type

twilio | email

The two factor authentication provider type. Options: twilio (SMS), email (SMTP).

twilio = Use Twilios SMS service (see section below for required provider specific configuration)
email = Use the default SMTP for sending the 2FA verification code

security.two_factor_authentication_valid_for_minutes

-1 | integer

The time between two factor authentication requests. I.e. if the user have previously logged in the within the last X minutes the 2fa step is skipped.
-1 will force 2FA on every login.

Configuration example

    <!-- Should the system enforce two factor authentication -->
    <add key="security.two_factor_authentication_enabled" value="false" />

    <!-- Fow who should the system enforce two factor authentication. Options: all | admin | system -->
    <add key="security.two_factor_authentication_scope" value="all" />

    <!-- The two factor authentication provider type. Options: twilio (SMS), email (SMTP) -->
    <add key="security.two_factor_authentication_provider_type" value="email" />

    <!-- 
      The time between two factor authentication requests. I.e. if the user have previously logged in the within the last X minutes the 2fa step is skipped. 
      -1 will force 2fa on every login 
    -->
    <add key="security.two_factor_authentication_valid_for_minutes" value="-1" />

Providers

twilio

A provider for sending SMS using Twilio. Requires an account in twilio that will be used. The required properties for the twilio provider is listed below.

https://www.twilio.com/

<add key="twilio.account_sid" value="AC089df37bc21bd4f6d481cb9635a545ad"/>
<add key="twilio.from_number" value="+12183044983"/>
<add key="twilio.token" value="3781c88e7e1989a799c686bead929116"/>

email

A provider for sending E-mails using the standard SMTP service in Meridix. No additional properties needed other than the standard SMTP configuration.

  • No labels