Sectona MFA
Sectona Privileged Access Management (PAM) supports SMS and Email OTP for user verification. This section outlines the configuration settings required to enable and use SMS/Email-based OTP authentication. To configure the multifactor authentication for users, the administrator has to create a suitable Logon Policy with the respective MFA type and assign it to the user.
This section covers the procedure for setting up SMS token and Email OTP.
SMS token
SMS tokens can be sent if you have configured the General Configuration section → SMS Gateway. Sectona can generate OTPs and send them to phones. To enable SMS token as an additional factor for user authentication, follow the steps below:
Log in to the system and select Platform Configuration from the product navigator.
Under the Authentication section click on Multi-factor authentication → Sectona MFA and enable the SMS OTP option at the system level.
Define a logon policy with an option for multi-factor authentication as SMS OTP.
Go to Configuration on the navigation bar → Select SMS Gateway from the side scrollbar and enter the required details of the SMS gateway provider. The configuration supports integration with SMS gateways supporting REST APIs.
In the Gateway URL field, enter the standard URL that accepts HTTP requests to the API.
Example String: https://<hostname>/rest/api/3/issue/ACME-1
In the Method field, you can either mention the Get or Post method to cache the request.
Customizable Headers can now be added and edited as per the user's requirement.
Sender ID is normally the account name set by your provider. This is different for transactional and promotional messages.
Request Data provides a list of URL formats to push SMS to the platform.
In the Accept field, choose the value based on settings such as URL encoded or otherwise.
In the Success Criteria and Failed Criteria fields, list the valid success and failure messages used to validate your API response.
In the Username and Password fields, provide the username and password/key required by your provider to authenticate to the REST API.
Enable the Network Proxy field to add the desired network proxy. This is required when your Sectona Web Access component needs to communicate over the internet with Jira Cloud. For more information, refer to the Network proxy section, Setting up a network proxy.
Enable the Active checkbox and click on Save to activate the configuration.
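The following pre-check for a draft SMS Gateway configuration is an added example, not Sectona code. The dictionary keys mirror the field labels on this page, the hostname and criteria strings are constructed, and case-insensitive substring matching of Success Criteria and Failed Criteria is an assumption about how responses are evaluated.

```python
from urllib.parse import urlsplit

# Constructed sample values; keys mirror the field labels on this page.
SAMPLE_CONFIG = {
    "gateway_url": "https://sms.example.test/rest/send",
    "method": "Post",
    "success_criteria": ['"status":"queued"'],
    "failed_criteria": ['"status":"error"'],
}

def _clean(items):
    """Lower-case the criteria strings and drop blank entries."""
    return [s.strip().lower() for s in items if s.strip()]

def check_gateway_settings(cfg):
    """Return a list of problems found in a draft SMS Gateway configuration."""
    problems = []
    url = urlsplit(cfg.get("gateway_url", ""))
    # OTPs and gateway credentials travel in this request, so require TLS.
    if url.scheme != "https" or not url.hostname:
        problems.append("Gateway URL must be an https:// URL with a hostname")
    if cfg.get("method", "").lower() not in ("get", "post"):
        problems.append("Method must be Get or Post")
    success = _clean(cfg.get("success_criteria", []))
    failed = _clean(cfg.get("failed_criteria", []))
    if not success:
        problems.append("Success Criteria is empty")
    if not failed:
        problems.append("Failed Criteria is empty")
    # Under substring matching, "sent" also matches the body "not sent".
    for s in success:
        for f in failed:
            if s in f or f in s:
                problems.append(f"Criteria overlap: {s!r} / {f!r}")
    return problems

def classify_response(cfg, body):
    """Classify a gateway response body; failure wins, no match is 'unknown'."""
    text = body.lower()
    if any(f in text for f in _clean(cfg.get("failed_criteria", []))):
        return "failed"
    if any(s in text for s in _clean(cfg.get("success_criteria", []))):
        return "success"
    return "unknown"
```

A response that matches neither list, such as an HTML page returned by a network proxy, is reported as "unknown" rather than as a delivered OTP.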
Email OTP
In this type of authentication, the user's email ID must be registered within the system. Once the user logs in, an OTP will be sent to the registered email ID. The user will have to enter the OTP, after which access will be granted to the system.
To reach the MFA Service, you need to follow specific steps:
Log in to the system and select Platform Configuration from the product navigator.
Under the Authentication section click on Multi-factor authentication → Sectona MFA.
Choose the Email OTP checkbox.
Fill in the information required.
Click on Save, and your Sectona authentication mechanism will be enabled.
You can define the maximum number of unsuccessful login attempts, the OTP length, and an OTP template.
To authorize a user to use any of the MFA methods listed above, specify it in the Logon Policy and select the MFA type.