Is it possible to configure Eramba to use 2FA/MFA (SMS Code, E-Mail, Google-Authenticator or another 2nd factor).
Best regards,
Wolfgang
From my understanding of the options, you’d need to handle that on your side and use either LDAP or SAML authentication for your users (essentially having your directory service handle the multifactor before clearing the user to enter). That’s how I’ve got mine set up via AzureAD at least…
Yes, we’re doing this by integrating Eramba with Keycloak.
correct, the magic of saml or google outh and to some extent ldap is that using single sign on once the user validates its identity against those directories (using passwords, mfa, etc) they do not need to do it again until the session expires.
Thank you very much for the helpful advice !
I will take a closer look at Keycloak.
Best regards,
Wolfgang
Reach out to me if you need any tips. We ran into one small hurdle while getting Keycloak working which involved the client name.