Announcement

Collapse
No announcement yet.

2FA for SSO accounts

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • 2FA for SSO accounts

    Hello Guys,
    i have a regular user in espo which have 2FA enabled and after that he can't log in through SSO. I don't know whether it's a bug, because that may be your approach, but maybe it should be handled differently, because enabling 2FA for such users would be more secure

  • #2
    Hi,

    It's stated in docs that 2FA is not guaranteed. When using a 3rd party authentication provider, it's reasonable to also use their 2FA.

    Comment


    • yuri
      yuri commented
      Editing a comment
      > it should be handled differently

      It would mean quite an overhaul which not worth the effort. The current approach is quite elegant and well tested.

      If your provider can enable allowing re-use of issued authorization code (for a few minutes is enough), Espo 2FA should work.

  • #3
    Thanks Yuri for fast response.
    I got you. I understand

    Comment

    Working...
    X