Using MFA for Mobile Application
Single Connect’s built-in MFA can be used as a secondary layer of authentication for logging into the Mobile Application for its online features (Approval Management, Geo-Fencing, and Password Manager).
To enable MFA for Mobile Applications:
- Admin and user must install the Single Connect Mobile App and register a token to receive Offline Tokens with the mobile app. (You get the Offline Tokens from the Offline Token > Add > Register Token menu).
- MFA must be enabled for the user group that will be using MFA for Mobile Application connections. (See sections Sending MFA QR Code to Users, Creating a Connection Between Single Connect and the Single Connect Mobile Application, Enabling Multi Factor Authentication (MFA)
- Navigate to Administration > System Config. Man.
- Set the mobile.application.otp.enabled parameter as true.
After these settings are done and a login operation was started on the mobile application, the application will automatically look for a Registered Token in its Offline Tokens with the name that matched the tfa.otp.issuer parameter. If there are registered tokens with other names, then it will prompt for user to select a registered token. If the current six-digit value of the Offline Token (either the automatically)
The Mobile Application MFA functionality works only with the registered tokens to ensure that the offline tokens are only working in one application at a time.