Abiquo supports two-factor authentication for the user interface to improve login security.
For a description of the user functionality, see Enable two factor authentication
Note: When you enable the Abiquo OpenID Connect integration, Abiquo disables two-factor authentication.
For a multi-datacenter configuration, configure Appliance manager for template upload and download as described in Uploading and downloading templates in multi datacenter
For each enterprise that requires 2FA, migrate automation and integrations to OAuth, see Authentication#OAuthv1.0VersionAAuthentication. To implement two-factor authentication for a portal, see Authentication
For events and event streaming, if the M-user belongs to a tenant that must use 2FA, configure the M-user to use OAuth. Enter the OAuth credentials in the Abiquo properties file. See Abiquo Configuration Properties#m. See Authentication#OAuthv1.0VersionAAuthentication.
Configure Google Authenticator properties. Set the name of the issuer of authentication codes. See Abiquo Configuration Properties#2fa
Configure email authentication properties:
For email authentication, you can edit the email message. See Configure Email Templates
To require 2fa for a tenant:
When two factor authentication is required, the user must enable it from the username menu.
If two-factor authentication is not required, the user may optionally enable it for their own account from the username menu.
To disable the display of the two factor authentication item in the username menu, the administrator can set the client.2fa.activated property to false in the UI configuration. See Configure Abiquo UI.
To require 2fa mandatory for a tenant, edit the enterprise and set the value of the twoFactorAuthenticationMandatory attribute to true.
To enable or disable 2fa for a user, post the authentication method to the action link of the user.