Re: [I] Add support for 2FA in cmk [cloudstack-cloudmonkey]

DaanHoogland closed issue #145: Add support for 2FA in cmk URL: https://github.com/apache/cloudstack-cloudmonkey/issues/145 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To

Re: [PR] login: allow 2fa code input if mandated [cloudstack-cloudmonkey]

DaanHoogland merged PR #175: URL: https://github.com/apache/cloudstack-cloudmonkey/pull/175 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr

Re: [PR] login: allow 2fa code input if mandated [cloudstack-cloudmonkey]

github-actions[bot] commented on PR #175: URL: https://github.com/apache/cloudstack-cloudmonkey/pull/175#issuecomment-3167311550 ✅ Build complete for PR #175. 🔗 Download the [cmk binaries](https://github.com/apache/cloudstack-cloudmonkey/actions/runs/16827663541/artifacts/3718561

Re: [PR] login: allow 2fa code input if mandated [cloudstack-cloudmonkey]

DaanHoogland closed pull request #175: login: allow 2fa code input if mandated URL: https://github.com/apache/cloudstack-cloudmonkey/pull/175 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the

[PR] login: allow 2fa code input if mandated [cloudstack-cloudmonkey]

shwstppr opened a new pull request, #175: URL: https://github.com/apache/cloudstack-cloudmonkey/pull/175 Fixes #145 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsub

Re: [I] Add support for 2FA in cmk [cloudstack-cloudmonkey]

Jayd603 commented on issue #145: URL: https://github.com/apache/cloudstack-cloudmonkey/issues/145#issuecomment-2620791342 > Hi [@Jayd603](https://github.com/Jayd603) you should either just use apikey-secretkey which doesn’t need 2FA or set username and password and use the validate c

Re: [I] Add support for 2FA in cmk [cloudstack-cloudmonkey]

Jayd603 commented on issue #145: URL: https://github.com/apache/cloudstack-cloudmonkey/issues/145#issuecomment-2620788017 > Hi [@Jayd603](https://github.com/Jayd603) you should either just use apikey-secretkey which doesn’t need 2FA or set username and password and use the validate c

Re: [I] Add support for 2FA in cmk [cloudstack-cloudmonkey]

rohityadavcloud commented on issue #145: URL: https://github.com/apache/cloudstack-cloudmonkey/issues/145#issuecomment-2620658857 Hi @Jayd603 you should either just use apikey-secretkey which doesn’t need 2FA or set username and password and use the validate code api. You’re doing both

Re: [I] Add support for 2FA in cmk [cloudstack-cloudmonkey]

Jayd603 commented on issue #145: URL: https://github.com/apache/cloudstack-cloudmonkey/issues/145#issuecomment-2619898361 I have both api/secretkey configured and working. When trying to use createAccount I am getting 2fa failure despite issuing a successful 'login' and 2f

Re: [I] Add support for 2FA in cmk [cloudstack-cloudmonkey]

contains whether 2FA is enabled or not: { "loginresponse": { "username": "rohit", "userid": "9e9ba412-d3ca-4bf4-aead-768c0b09531f", "domainid": "d3806260-e766-11ee-b2c1-525400

Re: [I] Add support for 2FA in cmk [cloudstack-cloudmonkey]

rohityadavcloud commented on issue #145: URL: https://github.com/apache/cloudstack-cloudmonkey/issues/145#issuecomment-2011824280 I checked with help from @harikrishna-patnala and found that: 1. APIs called using apikey/secretkey bypass the 2FA checks; for most ACS/cmk users cmk

Re: [I] Add support for 2FA in cmk [cloudstack-cloudmonkey]

rohityadavcloud commented on issue #145: URL: https://github.com/apache/cloudstack-cloudmonkey/issues/145#issuecomment-1961134519 @harikrishna-patnala could you advise how we can detect if 2FA is enabled or an API needs some kind of inputs -> any way to implement that in a better UX

[DISCUSS] 2FA framework and plugins for CloudStack

All, During CCC21 hackathon, I explored the feasibility of a 2FA framework and a TOTP (time-based OTP) plugin that can be used with Google Authenticator, MS Authenticator, Authy etc. I've used ideas of TOTP based 2FA PoC to put together a design doc for discussion: https://cwiki.apach

Re: 2FA

Hi Rakesh, We have a user authentication/login framework that you can extend to do 2FA. Something like (throwing ideas at you): * Implement separate API to do 2FA (general purpose) and implement 2FA plugin-framework (plugins can be sms, captcha, google authenticator) * In UI - the 2FA

Re: 2FA

Hi Rakesh, MFA is generally done via an IAM rather than on a per-application basis. As Simon had mentioned, CloudStack does support SAML / LDAP so, in a general / corporate use case, the MFA would go there. So I do not think adding support for 2FA will add any significant benefit That being

Re: 2FA

Rakesh, ACS does support SAML2 and in order to deploy 2FA/MFA, you could integrate it with an Identity and Access Management System such as Keycloak (https://www.keycloak.org/). -Si From: Rakesh Venkatesh Sent: Tuesday, August 10, 2021 4:34 AM To: users ; dev

2FA

Hello Has anyone thought about 2FA or about how to implement it in cloudstack? Looks like this will be good addition to enhance the security. I have some idea about implementing in the backend but dont have much idea on how to display the QR code in ui or other functionalities which is needed for