Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents




OTP Email MFA is a Multi-factor authentication plugin that sends a one-time password to a user's email providing an additional layer of security.

Multi-Factor Authentication (MFA) is a security best practice that adds an extra layer of protection on top of a username and password combination. By requiring an additional authentication code from a trusted device, MFA safeguards access to a user’s account even if the password is compromised.

Get Started

Steps to Import this Plugin

1. Go to the website


9. The Joget Workflow Knowledge Base has more information on managing and developing plugins.

Steps to Use this Plugin

Steps for Administrators

1. Start the Joget server and open the App Center.


5. Once the OTP Email MFA Authenticator has been enabled, users will be able to enable MFA individually in their User profile.

Steps for Users

1. Users can activate OTP Email MFA Authenticator in their respective user profiles by clicking the "Activate" button. (See Figure 5)


5. On subsequent logins, the users will be prompted for an OTP password which will always be sent to the user's email.

Deactivating Multi-Factor Authentication

1. As a user, you can disable OTP Email MFA Authenticator by clicking on the Deactivate button in your user profile. (See Figure 7)


2. Administrators can also disable MFA for a specific user by selecting the Setup Users under Users in the admin bar and clicking on the Deactivate MFA button. (See Figure 8)

Figure 8

One-time Password Email MFA Authenticator Properties

Configure One-time Password Email MFA Authenticator

Validity Period (minute)Expiration time for the One Time Password (OTP) sent to the user's email registered in the profile to remain valid in minutes. The default value is 5 minutes.
SubjectThe subject of the email with the OTP.
MessageThe message to be displayed in the email.