Hello ,
when logged in as a tenant admin i can enable two factor authentication for user from identity management-> users tab. Happy path : When user has his own microsoft authenticator app registered everything works well and after login when 2FA is enabled user is requested to put a verification code.
Sad path ( to correct ) : When user do not have registered his own microsoft authenticator he is beeing locked in some what on the 2FA step. Because he do not have any service provider to pass through:
What I want to achieve is to force the registration form for authenticator app after user is logged in only if the particular user do not have his own microsoft authenticator registered. So I want to show this wizard :
What is more i want to have a possibility to reset authenticator setting for particular user from tenant admin level. Basically to perform such action like on the screen below but from tenant admin level for particual user :
Note : All main settings from settings-management tab are set to optional from host admin level and tenant admin level as well.
I've checked documentation in here : https://abp.io/docs/latest/modules/identity/two-factor-authentication And also I've tried to search something in support forum but didn't found anything satisfying.
- ABP Framework version: v8.3.0
- UI Type: Blazor Server
- Database System: EF Core (SQL Server)
- Tiered (for MVC) or Auth Server Separated (for Angular): no
7 Answer(s)
-
0
hi
I will check&confirm the problem.
-
0
Hi , thanks for response ,
to clarify : Tiered (for MVC) or Auth Server Separated (for Angular): yes
-
0
Thanks.
-
0
hi
Are you using the
v8.3.0
?I can't reproduce this problem.
- I created a new user and enabled its 2fa.
- I log in with this user, and there is no 2fa page.
- If I add a Google authenticator, re-login will require the 2fa.
- if I remove the Google authenticator. re-login will not require 2fa page.
What is your framework version and can you try to reproduce this in a new template project.
Thanks.
-
0
Hi,
yes the version is 8.3.0 .
The issue is on our side in the step when you will enable 2FA for user who have not registered a provider.
I will check it on empty project maybe some configuration is implemented which caused the issue. Do You have any idea what can affect this particular flow which You described ?
Thanks
-
0
hi
Do you use the account and identity source code in your project?
Can you share a project to reproduce the problem so that I can check it locally?
Thanks.
liming.ma@volosoft.com
-
0