The Google Authenticator API can be very simply configured to be used primarily in the two-factor authentication (2FA) of the security module.
In this article, we will show you how to perform this configuration in ScriptCase.
Download the Google Authenticator app on a mobile device
The app is available for Android and iOS mobile devices, so just open the stores (PlayStore or AppStore) and search for Google Authenticator. Once that's done, just install the application and then start.
Right away, two options will appear that we can use to add an account that will be used for two-factor authentication (2FA). They are: Read QR Code and Enter Configuration Key. Our option of interest later will be "Scan QR code".
Enabling the API in ScriptCase
Let's go to the option "Tools -> API" in the horizontal top menu of ScriptCase to configure the API:
Let's go to "Add new", to add a new API profile:
We select the option "Google_authenticator" in the Gateway field, and then define a name for this profile, define the Mode (public, project or user), and finally the Domain, which defines the domain that will be enabled for the use of authentication in two steps. We click on "Save", and our API will already be active:
When we choose the Google Authenticator API in the configuration of two-factor authentication (2FA) in the security module (see how to perform this procedure
), and later when we go to enable this option in the "Security" of our project, a screen will appear with a QR Code to be read, and also a field called "Code", as shown in the image below:
In the Google Authenticator app that we installed on our mobile device, let's go to the option "Scan QR Code", and bring the camera close to the QR Code that is in the image above.
When the reading is done, a code will be generated in the application that keeps changing every 10 seconds, and it is exactly this code that we will insert in the "Code" field that is in the image above.
After insertion, our project will have two-factor authentication (2FA) enabled for use with Google Authenticator, and to confirm activation, just click on the "Exit" option in the "Security" menu on the left side, and perform the access to project applications.