rohityadavcloud commented on issue #145:
URL:
https://github.com/apache/cloudstack-cloudmonkey/issues/145#issuecomment-2011824280
I checked with help from @harikrishna-patnala and found that:
1. APIs called using apikey/secretkey bypass the 2FA checks; for most
ACS/cmk users cmk will not prompt for 2FA code.
2. For APIs called using username/password for 2FA enabled systems, it
suggests users what to run, for example:
```
(mbx-419-rohit) 🐵 > list volumes
🙈 Error: (HTTP 511, error code <nil>) Unable to process the API request due
to :Two factor authentication 2FA is enabled but not verified, please verify
2FA using validateUserTwoFactorAuthenticationCode API before calling other
APIs. Existing session is invalidated.
(mbx-419-rohit) 🐵 > validate usertwofactorauthenticationcode -h
validateUserTwoFactorAuthenticationCode: Checks the 2FA code for the user.
Required params: codefor2fa,
API Params Type Description
========== ==== ===========
codefor2fa string two factor authentication code
(mbx-419-rohit) 🐵 > validate usertwofactorauthenticationcode
codefor2fa=105826
{
"success": true
}
```
This means 2FA support in cmk isn't a blocker for cmk / 2FA users. They can
still call this manually as the CLI/prompt suggests.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: dev-unsubscr...@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
