Using MFA to Log in to the Kron PAM Web GUI

mfa can be used to add another security level to the kron pam login after users enter their kron pam login credentials, the system will ask for a one time password (otp)that will be generated by the mobile app or sms prerequisites all users and the admin user must do the following generate a qr code install the kron pam mobile client scan the qr code with the mobile client mfa must be enabled for a user group if there is no user group enabled mfa will not work if mfa is enabled for one or more user groups, it will only be enabled for these users for kron pam logins see , docid 8ua95lxzjp4vc6mff90az and docid\ fgqar5tv6lsoe8zgmbtfn mfa also must be configured for the admin, by creating and sending a qr code so that the admin can sync their kron pam and their kron pam mobile client if mfa has not been configured for the admin, the admin cannot log in if the admin gets locked out, please contact the kron pam support team to activate multi factor authentication (mfa) for the kron pam gui log in navigate to administration > system configuration manager set the required parameters sc portal otp enabled=true (one time password enabled for gui login) otp rest url=http //127 0 0 1 (if ssl is enabled in the network, the url should be https //127 0 0 1) log out and log in again after logging in, kron pam asks for an offline token open the kron pam mobile client, select offline token , and enter the token value to log in