Enabling Multi-Factor Authentication (MFA)
A user with the Account Admin Role or high can add a multi-factor authentication (MFA) option for accessing Interact. Adding MFA will affect users with the following Roles:
Account Admin
Designer
Flow Admin
BI Designer and BI Viewer
Data Admin
Logging in to Agent applications is not affected when MFA is enabled.
MFA is frequently used to verify identification of a user and to prevent unauthorized hacking when logging in to a web browser-based platform. Following entry of the user's password, the platform invokes the MFA process. For example, the login dialog may display a unique QR code which the user scans using a supported MFA application on a separate device (typically a cell phone). The MFA application then sends a one-time login token to the user, who enters it during an additional login step.
MFA is enabled and configured for an account from the Authentication Settings page in the X-Console Settings menu.
Note
Although it is optional, we strongly recommend using MFA to help protect your account.
Settings for Legacy Configuration
These settings are relevant for configurations prior to Release 2023.3.
From the X-Console Settings menu, select Authentication. The Authentication Settings page is displayed:
From the Authentication Type dropdown menu, select Internal.
Switch the Enable multi-factor authentication toggle to the On (green) position. When enabled, additional MFA settings are displayed.
Note
For security reasons, after MFA is enabled for an account, only a user with System Admin Role can disable it.
Set the frequency for invoking the MFA mechanism using the Security code is required radio button:
On each log in - to confirm the user each time they log in to the platform.
Once a day - to confirm the user the first time they log in to the platform each calendar day.
Every X - to confirm the user at regular intervals (i.e., Hours, Days or Weeks) that you enter, with a maximum interval of 30 days
Tip
For the best combination of user experience and security, we recommend setting MFA confirmation to once a day.
In the Security code attempts before lockout field, enter the maximum number of failed MFA token entry attempts allowed for a user before being locked out of the account.
When you finish configuring MFA, click Save and Logout at the lower right of the page. The new settings will be stored and you will be logged out of the account. You will need to log in again using the newly configured MFA mechanism.
Settings for Auth0 Configuration
These settings are relevant for configurations that utilize Auth0 authentication (Release 2023.3 and later).
From the X-Console Settings menu, select Authentication. The Authentication Settings page is displayed:
From the Authentication Type dropdown menu, select either Internal or Both.
Switch the Enable multi-factor authentication toggle to the On (green) position. When enabled, additional MFA settings are displayed.
Note
For security reasons, after MFA is enabled for an account, only a user with System Admin Role can disable it.
Set the frequency for invoking the MFA mechanism using the Security code is required radio button:
On each login - to confirm the user each time they log in to the platform.
Enable 30 days login - to confirm user log in every 30 days. Note that when there is no user activity on the platform for more than 7 days, the user will be required to confirm MFA on their next activity, and the 30-day counter will be restarted.
When you finish configuring MFA, click Save and Logout at the lower right of the page. The new settings will be stored and you will be logged out of the account. You will need to log in again using the newly configured MFA mechanism.
Disabling MFA
Note
Only a user with System Admin Role can disable the MFA setting for an account. If you are not a System Admin, you need to contact Uniphore Support directly to request a setting change.
To turn off the MFA mechanism, go to the Authentication Settings page and switch the Enable multi-factor authentication toggle to the Off (red) position.