Two Factor Authentication - User Guide (Agent Desk)
Two two-factor authentication (2FA) channels are implemented in the Keycloak Adapter and are available to the end user for authentication. These channels are:
Google Authenticator Mobile App
SMS
Workflow for End-User
The user performs the following steps to access the applications with two-factor authentication.
2FA with Google Authenticator
User has not registered for 2FA
The user enters their login credentials on the login screen (Image1) and clicks “Login”.
The user will be redirected to another screen where a QR code (Image2) and a secret code (Image3) are shown for registration.
There will also be an input field for the OTP (Image2 and Image3).
The user scans the QR code with Google Authenticator or enters the secret code manually in the app.
The app will display an OTP alongside the user's username. A new OTP is generated every 30 seconds.
The user enters the OTP currently visible in the app in the OTP field and clicks “Register”.
If the OTP is valid, the user will be successfully logged in and registered for 2FA.
User has already registered for 2FA
The user enters their login credentials on the login screen (Image1) and clicks “Login”.
The user will be redirected to another screen (Image4) where an input field is shown for entering the OTP.
The user enters the OTP currently visible in the app in the OTP field and clicks “Send”.
If the OTP is valid, the user will be successfully logged in.
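The registration and login flows above both rest on a time-based OTP derived from the secret code. The following is an added example, not the Keycloak Adapter's own code: it shows what the QR code encodes and how a server can validate the OTP. It assumes HMAC-SHA1, 6 digits and a tolerance of one 30-second step either side; the function names and the sample secret are constructed for illustration.

```python
import base64, hashlib, hmac, struct, time
from urllib.parse import quote

# Constructed sample: the RFC 6238 test key, base32-encoded as a "secret code".
SAMPLE_SECRET = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"
PERIOD = 30  # seconds; the guide states a new OTP every 30 seconds
DIGITS = 6   # assumption: Google Authenticator default length
WINDOW = 1   # assumption: tolerate one step of clock drift either side


def totp(secret_b32, at, period=PERIOD, digits=DIGITS):
    """RFC 6238 TOTP (HMAC-SHA1) for the Unix time `at`."""
    s = secret_b32.replace(" ", "").upper()
    key = base64.b32decode(s + "=" * (-len(s) % 8))
    counter = struct.pack(">Q", int(at) // period)
    mac = hmac.new(key, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation (RFC 4226)
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def provisioning_uri(secret_b32, username, issuer):
    """otpauth:// URI that the registration QR code encodes."""
    label = quote(f"{issuer}:{username}")
    return (f"otpauth://totp/{label}?secret={secret_b32}&issuer={quote(issuer)}"
            f"&algorithm=SHA1&digits={DIGITS}&period={PERIOD}")


def verify(secret_b32, submitted, at=None, last_step=-1):
    """Return the matched time step, or None if the OTP is rejected.

    `last_step` is the step of the last accepted OTP for this user; steps at
    or before it are skipped so a captured code cannot be replayed.
    """
    current = int(time.time() if at is None else at) // PERIOD
    for step in range(current - WINDOW, current + WINDOW + 1):
        if step <= last_step:
            continue
        expected = totp(secret_b32, step * PERIOD)
        if hmac.compare_digest(expected.encode(), submitted.encode()):
            return step
    return None


if __name__ == "__main__":
    print(provisioning_uri(SAMPLE_SECRET, "alice", "AgentDesk"))
    print(totp(SAMPLE_SECRET, time.time()))
```

Storing the step returned by `verify` per user and passing it back as `last_step` makes each OTP single-use within its validity window.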
2FA with SMS
User has not registered for 2FA
The user enters their login credentials on the login screen (sms image 1) and clicks “Login”.
The user will be redirected to another screen (sms image 2) and prompted to enter their phone number in the input field shown for 2FA registration.
The user enters their phone number in the input field and clicks “Register”.
A dialogue box will be displayed (sms image 3) asking the user to confirm the phone number.
If it is wrong, the user will be allowed to edit the phone number.
If it is correct, an OTP will be sent to the user via SMS.
The user can also request that the OTP be resent (if it is not received) by clicking the “Resend OTP” button.
An input field will be shown for the user to enter the OTP (sms image 4).
If the OTP is valid, the user will be successfully logged in and registered for 2FA.
User has already registered for 2FA
The user enters their login credentials on the login screen (sms image 1) and clicks “Login”.
The user will be redirected to another screen (sms image 4) where an input field is shown for entering the OTP sent to their phone number.
If the OTP is not received, the user can log in again to receive another OTP.
The user enters the OTP received via SMS in the OTP field and clicks “Send”.
If the OTP is valid, the user will be successfully logged in.