...

3. Choose the Security Enhanced Directory Manager in the Select Plugin field, select OTP Email MFA Authenticator for the Multi-Factor Authenticator property, and configure accordingly. (See figure 4)

Figure 4

4. Configure all the plugin settings accordingly. (See figures 5, 6 and 7)



Figure 5



Figure 6


Figure 7


5. Before submitting the OTP Email MFA Authenticator, you may use Send Test Email to verify your email configuration. (See figure 8)
You can also refer to the SMTP settings described in General Settings#SMTPSettings. The SMTP settings in General Settings let Joget DX use these SMTP values as global defaults for all your apps.
Once all configurations have been inspected and tested, submit the OTP Email MFA Authenticator to enable it.


Figure 8


6. Once the OTP Email MFA Authenticator has been enabled, users will be able to enable MFA individually in their User profile.

7. Optionally, you may also enable OTP Email MFA Authenticator for all users by default by adding their usernames as entries in the dir_user_meta table.

Here is an SQL query that does so:

Code Block
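-- Enable OTP Email MFA for every user who does not yet have an OTP_EMAIL entry.
insert into dir_user_meta (username, meta_key, meta_value)
    select username, 'OTP_EMAIL', 'enabled'
    from dir_user t1
    where not exists (
        select 1
        from dir_user_meta t2
        -- match on the same value that is inserted, and only on the OTP key
        where t2.username = t1.username
          and t2.meta_key = 'OTP_EMAIL'
    );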

This query adds every existing user in the dir_user table to the dir_user_meta table with the following values:

username : <username>

meta_key : OTP_EMAIL

meta_value : enabled

The "where not exists" clause checks for and skips users who already have OTP enabled.

Joget authentication will automatically check if the user exists in this table and prompt them with the "please enter OTP" message.
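The following is an added example, not part of the Joget documentation: it runs the bulk-enrolment statement against a constructed SQLite stand-in for dir_user and dir_user_meta, shows that re-running it adds nothing, and lists enrolled users with no email, who would be prompted for an OTP they cannot receive. The email column, the composite key, the sample rows and the function names are assumptions made for the illustration.

```python
import sqlite3

# Bulk enrolment; the existence check is limited to the OTP_EMAIL key.
ENROL_SQL = """
insert into dir_user_meta (username, meta_key, meta_value)
    select username, 'OTP_EMAIL', 'enabled' from dir_user t1
    where not exists (
        select 1 from dir_user_meta t2
        where t2.username = t1.username and t2.meta_key = 'OTP_EMAIL')
"""

# Enrolled users with no usable address registered in their profile.
NO_EMAIL_SQL = """
select u.username from dir_user u
    join dir_user_meta m on m.username = u.username
    where m.meta_key = 'OTP_EMAIL' and m.meta_value = 'enabled'
      and (u.email is null or trim(u.email) = '') order by u.username
"""

def build_sample_db():
    # Constructed stand-in tables, reduced to the columns used here (assumed).
    db = sqlite3.connect(":memory:")
    db.executescript("""
        create table dir_user (id text primary key, username text, email text);
        create table dir_user_meta (username text, meta_key text,
            meta_value text, primary key (username, meta_key));
    """)
    db.executemany("insert into dir_user values (?, ?, ?)", [
        ("alice", "alice", "alice@example.test"),
        ("bob", "bob", ""),                     # no email registered
        ("carol", "carol", "carol@example.test"),
        ("dave", "dave", None),                 # no email registered
    ])
    db.executemany("insert into dir_user_meta values (?, ?, ?)", [
        ("alice", "OTP_EMAIL", "enabled"),      # already enrolled
        ("carol", "SAMPLE_OTHER_KEY", "x"),     # unrelated, constructed key
    ])
    return db

def enrol_all(db):
    # Returns the number of users newly enrolled by this run.
    return db.execute(ENROL_SQL).rowcount

def enrolled_without_email(db):
    return [row[0] for row in db.execute(NO_EMAIL_SQL)]

if __name__ == "__main__":
    db = build_sample_db()
    print("first run:", enrol_all(db), "second run:", enrol_all(db))
    print("enrolled but cannot receive OTP:", enrolled_without_email(db))
```

Running the second query before the bulk insert is committed on a real system gives the list of profiles that need an email address first.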


Steps for Users

1. Users can activate OTP Email MFA Authenticator in their respective user profiles by clicking the "Activate" button. (See Figure 9)

Figure 9

2. Before activating OTP Email MFA Authenticator, users should make sure that a valid, working email address is registered in their profile under the User Details section, because the email containing the OTP will be sent to this registered address.

3. A popup dialog will appear showing a Password field in which to submit the email OTP sent to the user. If the code is valid, OTP Email MFA will be activated. (See Figure 10)

Figure 10

4. Users should always remember to save their user profile after activating MFA.

...

1. As a user, you can disable OTP Email MFA Authenticator by clicking the Deactivate button in your user profile. (See Figure 11)

Figure 11

2. Administrators can also disable MFA for a specific user by selecting Setup Users under Users in the admin bar and clicking the Deactivate MFA button. (See Figure 12)

Figure 12


One-time Password Email MFA Authenticator Properties

...

| Name | Description |
| --- | --- |
| Validity Period (minute) | Time, in minutes, for which the One Time Password (OTP) sent to the email registered in the user's profile remains valid. The default value is 5 minutes. |
| Subject | The subject of the email with the OTP. |
| Message | The message to be displayed in the email. |