Multi-Factor Authentication in Anypoint Platform
We take a look at setting up Multi-Factor Authentication on the Anypoint Platform by registering the Salesforce Authenticator mobile app.
Join the DZone community and get the full member experience.Join For Free
Multi-Factor Authentication (MFA) is a security mechanism wherein a user is granted access only after providing more than one method of authentication.
An organization administrator can make it mandatory for all non-SSO users to use MFA, exempt some accounts from this or make it optional for users — allowing users to enable it if they want.
MFA setting is not applicable to SSO users, they have to enable MFA at their respective Identity provider level.
Anypoint platform MFA can be done using any of the below methods:
- One-Time Password Generator: Registers an authenticator app to create verification codes that you provide when logging in to Anypoint Platform.
- Built-in Authenticator: Registers a physical authentication device, such as Touch ID or Windows Hello, to verify your identity when logging in to Anypoint Platform.
- Security Key: Registers a USB security key, such as Yubico YubiKey or Google Titan Security Key, to your account. The device is then authorized to create verification codes that you provide when logging in to Anypoint Platform.
- Salesforce Authenticator: Registers the Salesforce Authenticator mobile app to create verification codes that you provide when logging in to Anypoint Platform.
In this article, we will look at the last method; i.e; Salesforce Authenticator.
Process to Apply MFA
Login to Anypoint platform account, navigate to Access Management > Multi-Factor Auth.Two options are there: Optional and Required. By default it is optional, meaning MFA is not required by the organization but users can enable it if they want. Selecting Required makes it mandatory for all users to use MFA. Admin can exempt some accounts from it.
Let’s make it required.
- Either log out and log in again or open the Platform login page using a different browser or incognito and after entering username and password, it will ask to use one of the four MFA methods.
- Here, we will go with the Salesforce Authenticator, for which the Salesforce authenticator app is required on the phone. Finish the setup which is pretty simple.
Now whenever users try to login to the Anypoint platform, they will be asked to authenticate themselves using the Salesforce Authenticator app.
If Optional is selected in the first step, users won’t be required to provide one more verification before they can be logged in but they can still enable MFA by going to profile > Configure Multi-Factor Authentication (MFA) and setting up the MFA method.
Thanks for reading!
Published at DZone with permission of Abhay Yadav. See the original article here.
Opinions expressed by DZone contributors are their own.