Deploy OTP tokens manually
In some cases, you may need to provide an OTP token to an end-user manually, even when the service is set to create tokens automatically. These cases include, for example, when a user doesn’t have access to an authenticator application. To do this, you configure the OTP service and deploy a token manually. Then, the user obtains the token through the captive portal.
Objectives
When you complete this unit, you'll know how to do the following:
- Turn on the OTP service and specify settings.
- Add a token and provide it to the user through the user portal.
Specify OTP service settings
First, you turn on the OTP service. Then, to maximize the protection this type of authentication offers, you require all users to use it. You also specify the features for which two-factor authentication is required.
The following steps are executed on the firewall.
- Go to Authentication > One-time password and click Settings.
-
Specify the settings.
Option Value One-time password On OTP for all users On Auto-create OTP tokens for users On -
Enable OTP for WebAdmin and User portal.
- Click Apply.
Add a token
Add a token. Users get the token through the captive portal.
- Go to Authentication > One-time password and click Add.
-
Specify the settings.
Option Value Secret abcdefabcdefabcdefabcdefabcdefabcdef User jsmith -
Click Save. The QR code is available to users in the captive portal. Users can scan the code using an authenticator application and begin using passcodes to sign in.
-
Locate the user and click Information
.
The firewall displays the token as a QR code and text key. You can send the text key to the user.
More resources