contains whether 2FA is enabled or not:
{
"loginresponse": {
"username": "rohit",
"userid": "9e9ba412-d3ca-4bf4-aead-768c0b09531f",
"domainid": "d3806260-e766-11ee-b2c1-525400
rohityadavcloud commented on issue #145:
URL:
https://github.com/apache/cloudstack-cloudmonkey/issues/145#issuecomment-2011824280
I checked with help from @harikrishna-patnala and found that:
1. APIs called using apikey/secretkey bypass the 2FA checks; for most
ACS/cmk users cmk
rohityadavcloud commented on issue #145:
URL:
https://github.com/apache/cloudstack-cloudmonkey/issues/145#issuecomment-1961134519
@harikrishna-patnala could you advise how we can detect if 2FA is enabled or
an API needs some kind of inputs -> any way to implement that in a better UX
All,
During CCC21 hackathon, I explored the feasibility of a 2FA framework and a
TOTP (time-based OTP) plugin that can be used with Google Authenticator, MS
Authenticator, Authy etc.
I've used ideas of TOTP based 2FA PoC to put together a design doc for
discussion:
https://cwiki.apach
Hi Rakesh,
We have a user authentication/login framework that you can extend to do 2FA.
Something like (throwing ideas at you):
* Implement separate API to do 2FA (general purpose) and implement 2FA
plugin-framework (plugins can be sms, captcha, google authenticator)
* In UI - the 2FA
Hi Rakesh,
MFA is generally done via an IAM rather than on a per-application basis. As
Simon had mentioned, CloudStack does support SAML / LDAP so, in a general /
corporate use case, the MFA would go there. So I do not think adding support
for 2FA will add any significant benefit
That being
Rakesh,
ACS does support SAML2 and in order to deploy 2FA/MFA, you could integrate it
with an Identity and Access Management System such as Keycloak
(https://www.keycloak.org/).
-Si
From: Rakesh Venkatesh
Sent: Tuesday, August 10, 2021 4:34 AM
To: users ; dev
Hello
Has anyone thought about 2FA or about how to implement it in cloudstack?
Looks like this will be good addition to enhance the security. I have some
idea about implementing in the backend but dont have much idea on how to
display the QR code in ui or other functionalities which is needed for