Configuring Multi-Factor Authentication in the Security Enhanced Directory Manager
As an administrator in Joget Workflow Settings > Directory Manager, choose the Security Enhanced Directory Manager and select Time-based One-time Password (TOTP) Authenticator for the Multi Factor Authenticator property.
Once the TOTP Authenticator has been enabled, users will be able to enable MFA individually in their user profile.
Activating Multi-Factor Authentication as a User
In your Joget Workflow profile page, click on the Activate button in the Time-based One-time Password (TOTP) Authenticator property at the bottom of the form.
A popup dialog will appear showing the secret key and a barcode.
Using the TOTP mobile app, scan the barcode or key in the secret key. The TOTP mobile app will create a new account.Save the secret key in a safe place, in case you need to reactivate your account e.g. in case of a lost device.
Key in the current generated code displayed in the TOTP mobile app into the Password field and click on Submit. If the code is valid, MFA is will be activated.
On subsequent logins, you will be prompted for a TOTP code password.
Deactivating Multi-Factor Authentication
As a user, you can disable MFA by clicking on the Deactivate button in your user profile.
Administrators can also disable MFA for a specific user by selecting the user under Setup Users and clicking on the Deactivate MFA button.