To add a new profile for multifactor authentication via TOTP, use the following command:
Admin@nodename# create users mfa-profiles totp <parameter>
Provide the following parameters:
|
Parameter |
Description |
|---|---|
|
name |
The name of the MFA profile. |
|
description |
A description of the MFA profile. |
|
show-qr-code |
QR code on the Captive portal page or in an email to facilitate configuring the device or the TOTP client software. |
|
notification-profile |
Select the notification profile to use. |
|
notification-sender |
Sender of the notification. Specify a name (if using an SMPP profile) or an email (if using an SMTP profile). |
|
notification-subject |
Subject of the notification, if using email notifications. |
|
notification-body |
Body of the email. In the message body, you can use a special variable named {2fa_auth_code} that will be replaced by the one-time password. The notification text is separated by quotation marks (""). |
To edit a profile for multifactor authentication via TOTP, use the following command:
Admin@nodename# set users mfa-profiles totp <mfa-totp-name> <parameter>
The parameters available to edit are identical to those used to create a profile.
Example of creating and editing a profile for multifactor authentication via TOTP:
Admin@nodename# create users mfa-profiles totp name "Test TOTP MFA profile" notification-profile pass show-qr-code on Admin@nodename# show users mfa-profiles totp "Test TOTP MFA profile" name : Test TOTP MFA profile show-qr-code : on notification-profile : pass notification-body : Your authentication code is {2fa_auth_code}! Do not share it with anybody! Admin@nodename# set users mfa-profiles totp "Test TOTP MFA profile" description "Test TOTP MFA profile description" Admin@nodename# show users mfa-profiles totp "Test TOTP MFA profile" name : Test TOTP MFA profile description : Test TOTP MFA profile description show-qr-code : on notification-profile : pass notification-body : Your authentication code is {2fa_auth_code}! Do not share it with anybody!