webMethods Developer Portal MFA using Token Based OTPs

Introduction

In this tutorial, you will learn how to use token based OTPs for multi factor authentication in webMethods Developer Portal.

Pre-requisite

• SMTP server and that need to be configured in webMethods Developer Portal for mail service.
• Any one of the RFC compliant software- or hardware token, such as:
  • Google Authenticator
  • WinAuth (Windows)
  • html5-google-authenticator (cross platform, HTML)
  • JAuth (cross platform, JAVA)

In this tutorial we would use Google Authenticator.

Steps to follow

1. Ensure SMTP server is configured under Administration → SMTP
   

   

   image1219×573 31.4 KB

2. Next enable MFA in Administration → Security
   

   

   image1102×555 29.5 KB

3. When user sign up in webMethods Developer Portal they would be receiving the secret token via email
   
   

4. The secret token will be generated only once if it’s lost it can’t be recovered

5. Using the secret token the Google authenticator can be configured. Provide the secret token as key for your account setup
   

   

   image350×521 10.9 KB

6. We’re done with setting up the MFA. Next time when user tries to login webMethods Developer Portal they would be requested for OTP
   
   User can provide the token from Google Authenticator has a OTP

7. You will be taken to the Welcome Page after authentication
   

   

   image1493×682 108 KB