-
Type:
Story
-
Status: Closed
-
Priority:
Minor
-
Resolution: Completed
-
Affects Version/s: None
-
Fix Version/s: 7.3.10 DXP GA1
-
Component/s: Application Security > Multi-Factor Authentication
-
Epic/Theme:
-
Epic Link:
-
Sprint:Iteration 30, Iteration 31, Iteration 32, Iteration 33, Iteration 34, Iteration 35, Iteration 36
Description
The existing auditing framework is utilized to provide details when a user (un)successfully passes MFA validation.
- Events of the attempts are registered for audit portlet and can be monitored, checked there.
- This has been implemented already
- This has to be documented
- There is no additional notification to be sent out in case of e-mail OTP as there is already a notification implemented for the verifier.
It is necessary considering to add notifications at other verifiers where there is no notification implemented with the verifier itself already (like there is an e-mail notification already in case of e-mail OTP)Transferred to LPS-105358.Another thing to consider is to show history of successful attempts and login time. It can help for users to see there was some "unauthorized" usage of login data for example at a public place after the user left that place.Transferred to LPS-101757.
Acceptance Criteria
- As an Instance Administrator, I want to be able to see successful/unsuccessful attempts' details of authenticating by verifiers and by End Users under the Control Panel > Configuration > Audit
- is related to
-
LPS-105358 As an End User, I want to get notifications about successful/unsuccessful attempts of authenticating by verifiers if there is no notification already so that I can see if someone else tries to sign in with my credentials
-
- Backlog
-
- relates
-
LRDOCS-7697 User Document for Multi-factor atuthentication
-
- Closed
-