Versions Compared

Version Old Version 7 New Version 8
Changes made by

MS

MS

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Abiquo supports two-factor authentication for the user interface to improve login security. 

...

Configure authentication system

System time

The codes generated for
Excerpt

To configure the authentication system do these steps:

  1. Synchronize system time: two-factor
integration
  1. codes are dependent on the system
time. Check server date and
  1. time
synchronization when configuring two factor authentication, and as part of the user issue troubleshooting process.Ensure correct

  2. For a multi-datacenter configuration

In a multi-datacenter environment where

  1. , configure Appliance manager for template upload and download

are required, to enable two-factor authentication, the administrator must configure the Appliance Manager

  1. as described in

:

  1. Uploading and dowloading templates in multi datacenter

Configure authentication for integrations

On an enterprise level, if two-factor authentication is enabled for an enterprise, the administrator must

  1. For each enterprise that requires 2FA, migrate automation and integrations to OAuth

. See 

  1. , see Authentication#OAuthv1.0VersionAAuthentication

For information about implementing

  1. . To implement two-factor authentication for a portal, see Authentication

Configure events

  2. For

Abiquo

  1. events and event streaming, if

the enterprise that

  1. the M-user belongs to

is required to use two-factor authentication, the administrator will also need to

  1. a tenant that must use 2FA, configure the M-user to use OAuth

. See Authentication#OAuthv1.0VersionAAuthentication

  1. .

 

  1. Enter the OAuth credentials in the Abiquo properties file. See Abiquo Configuration Properties#m. See Authentication#OAuthv1.0VersionAAuthentication

  2. Configure Google Authenticator properties

For Google Authenticator, the administrator can set

  1. . Set the name of the issuer of

the two-factor

  1. authentication codes

in the Abiquo properties file

  1. . See Abiquo Configuration Properties#2fa 

  2. Configure email authentication properties:

The administrator can set

    1. Set the email server configuration, including the sender with the "from" property. See Abiquo Configuration Properties#server

You can also set

    1. Set the length of time that the email codes will be valid for. See Abiquo Configuration Properties#2fa

  2. For email authentication, you can edit the email message. See Configure Email Templates

Troubleshooting two-factor authentication

  • Check server date and time synchronization as part of the user issue troubleshooting process.

Manage two-factor authentication in the Abiquo UI

The Cloud Administrator can

and API

For the platform, enable two-factor authentication in the Configuration view (or using the API).


When an administrator creates or edits an enterprise, they can mark a checkbox to require two-factor authentication of all users in the enterprise.

In the API, this is done by setting the enterprise attribute of twoFactorAuthenticationMandatory to true.


If two-factor authentication is not required, the user can still enable it from the username menu by clicking on the icon or username in the top right-hand corner of the screen and selecting two-factor authentication. Note that you can enable or disable 2fa for your own user only.

Using the API, you enable or disable 2fa by posting the authentication method to the action link of the user.

...