Add Push MFA notification support for Non-HelloID Authenticator Apps
Jeff Ferrell
We use DUO for our 2FA. I agree here. We have a DUO "RADIUS" server on prem and our apps that need 2FA we can point to that instance which then handles push for us via DUO"s servers.
However, since we are now cloud based for HelloID, it won't work. A solution would be to have the authentication to HelloID done with RADIUS and an on prem authentication agent?
R
Rick van den Dijssel
Jeff Ferrell: We tried to add Radius (onpremise) inside the agent in the past but we had to stop the development because the required library would force us to update to powershell core for task execution. We tested this but it would have caused a lot of powershell scripts to fail. Therefore we decided to not implement Radius (onpremise).
R
Rick van den Dijssel
Kevin Lisowski we've reached this a year ago but it's technically not possible because a push notification isn't a standard and could only be used by the same supplier delivering the MFA itself. So as example the push to notify for Microsoft is only available when the MFA of Microsoft is used. This is the case for all vendors (us included). If you have any documentation, sdk or anything that it is possible please share this with us? Did a quick search but couldn't find anything.
K
Kevin Lisowski
Rick van den Dijssel: It appears to be an available option for Twilio's Authy:
Not sure about Microsoft Authenticator, but I would presume the developers have a better idea of what the best search terms/locations to use would be.