Reference Guide
Multi-Factor Authentication

Using SMS for MFA

3min

There are two methods to send SMS: over HTTP (via SMS Proxy), or over SMPP (via SMSC).

Instead of using the Single Connect mobile app, OTPs can be generated by Single Connect and sent via SMS.

To adjust the MFA SMS Settings:

  1. Navigate to Administration > System Config Man.
  2. Enter 2fa in the Parameter Name field and click the Search button.
  3. Set the value of the iga.2fa.sms.http.body, iga.2fa.sms.http.headers, iga.2fa.sms.http.secret.body, iga.2fa.sms.http.url, iga.2fa.sms.smpp.body, iga.2fa.sms.smpp.secret.body, iga.2fa.sms.http.timeout and iga.2fa.token.timestep parameters.
SMS Settings for MFA
SMS Settings for MFA


Non-administrator users can use the MFA they will use when they gain access, from both SMS and Mobile Application. In addition, SMS activations can be done by users themselves. In this way, only SMS or only mobile application can be used.

To activate SMS for users with admin rights:

  1. Navigate to Administration > 2FA Provisioning > User Group Management.
  2. Activate SMS by clicking Enable SMS in the SMS column on the line of each user group.
SMS Activation by Admin Users
SMS Activation by Admin Users


To activate SMS for users with user rights:

  1. Navigate to Administration > 2FA Provisioning > View Barcode > SMS.
  2. SMS Configuration pop-up opens. Select true from the Enable SMS dropdown. (The Inherit from group is inherited from the User Group property.)
SMS Activation by End Users
SMS Activation by End Users


Note on MFA SMS Logic:

The preference of each user is dominant. When otpSmsEnabled is updated in the User Group Properties, the properties of the group members are not updated.

MFA SMS sending logic is as follows:

If otpSmsEnabled is defined in the user property, its value is used (no lookup for user group properties).

If otpSmsEnabled is NOT defined in the user property, SMS is sent when at least one of the user's groups has the otpSmsEnabled property as true.

The combo box values are a) Inherit from group, b) false, and c) true. If no otpSmsEnabled property exists in the user properties, the Inherit from group appears selected when the SMS Configuration popup opens.