Two Factor Authentication - MWO

Question

We wanted to get some direction from the technical side of setting up Mobile Work Order in IFS Cloud.

We want to make sure that logins on mobile go through two factor authentication. That means they need to use AD authentication or limit the devices that can us it.

We are looking to either disable mobile login from nort1app or for a reverse proxy solution that will limit access to specific devices. Or any other option that forces two factor authentication.

Are there other technical documents that could assist us with this?

Thank you.

Rukmal Fernando · Answer

@lemantif all of your MWO users only authenticate against ADFS or Azure AD, and you don’t need to access Aurena externally using any of your database users, a possible solution is to setup your reverse proxy to not allow traffic through to/openid-connect-provider/*which would prevent the use of the IFS Database Identity Provider for external MWO login.I assume nort1app is your app owner user, so when you need to login as that or any other Databaseuser, you can do so from within your internal network.I hope this helps you find a way forward. While not mobile app specific, I hope you’ve already reviewed our documentation regarding authentication and external access, especially:https://docs.ifs.com/techdocs/foundation1/010_overview/210_security/030_authentication/default.htmhttps://docs.ifs.com/techdocs/foundation1/010_overview/210_security/090_exposing_to_internet/default.htmhttps://docs.ifs.com/techdocs/foundation1/010_overview/210_security/090_exposing_to_internet/examples.htm(see especially the second example, and your scenario adds internal access to the IFS Database Identity Provider)Regards,/Rukmal

Reply

Did you find what you're looking for? If not:

Sign up

Login to the community

Scanning file for viruses.

This file cannot be downloaded