Skip to content

How to configure two factor authentication

Jump to bottom
Richard Marsot edited this page Nov 1, 2020 · 5 revisions

To provide support for two-factor authentication, we rely on the Pega Platform to generate a One Time Password (OTP) that will be requested through the DX API v1 using the authenticate/ODP endpoint. This endpoint supports two options to send the OTP to the user, through email or SMS. Once the user enters the OTP in the Uplus application, the OTP is validated using the 2nd endpoint. image

Two factor authentication can be configured for the Uplus application through the 'General' category under the settings tab. set the server based URL - make sure that it does not contain other path like '/prweb'. The server base url will be used to generate the url of the rest endpoint used for the OTP

Select the sendmode as email or sms. Note that sms requires some additional customization on the Pega Platform and is harder to setup than email notification. image

To use email notification, create a new email account under integration-resources. Make sure that the account is configured for outbound emails. The rule of the email account needs to be accessible to the user that will be authenticated. Make sure to store the instance in the same ruleset as the application used by the user.

To send the email to your account, you will need to set the OTP send ID - this field will accept an email if the sendmode is set to email or a phone number is the sendmode is set to sms. image

Clone this wiki locally