Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-89360 As an Instance Administrator, I want to configure an Email One Time Password (OTP) verifier
  3. LPS-112237

[Doc] How to instantiate and configure an Email One Time Password (OTP) verifier as an Instance Administrator

    Details

    • Sprint:
      AS | Iteration 10, AS | Iteration 11, AS | Iteration 12, AS | Iteration 13, AS | Iteration 14, AS | Iteration 15, Iteration 35, Iteration 36, Iteration 37, Iteration 38, Iteration 39
    • Type of Documentation:
      Deployment

      Description

      Background
      This development is part of the creation of a component that allows the activation of Multi-Factor-Authentication (from now on: MFA) in the portal. When accessing the portal using the Login UI, a second authentication factor will be requested to verify the user's identity beyond the password.

      Features
      This feature allows to activate/deactivate MFA and apply the verification via mail (only available at DXP version). Functionality enabling MFA always means activating the Email OTP verifier, it should be impossible to activate MFA without having this verification enabled. So we would have two scenarios to consider when a user logs into the portal:

      • Do not enable MFA: User will access the portal using mail/password
      • Enable MFA (and therefore activate Email OTP as a verifier): User will access the portal using mail/password and then the verification via email would be shown. The end user will be shown a screen where he/she should enter the code received in his/her mail account.

      Steps
      As Instance Administrator, to activate this functionality there's a new option at Instance Settings - Multi-Factor Authentication. There are also several configurable fields where you can also set the mail template to be used.

      Also, as System Administrator an option has been added to generally disable MFA for all instances in System Settings - Multi-Factor Authentication to help control possible general login problems.

      As end user if MFA has been activated, when logging in to the portal, as a security measure a verification code will be requested which will receive by email at the principal mail address.

      Code
      There're several modules to take into account for this functionality:

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              marta.medio Marta Medio (Inactive)
              Reporter:
              nora.szel Nóra Szél
              Recent user:
              Tibor Lipusz
              Participants of an Issue:
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  Packages

                  Version Package
                  7.3.10 DXP GA1