Most clients using Centrify tool find it challenging to get API permission authenticated for MFA. However, after much support from the Centrify teams, Sennovate started to follow the authentication process.
The screen shot displayed below will help in starting the authentication process in postman which is the most popular tool used in API testing.
1. First /Start Authentication is called for.
2. Post this authentication process, a response is received with SessionID and MechanismID, from Centrify. Since we are using MFA, we will have two or more mechanismID that will be made available in the response.
3. As an example, assume I have a single login verification using password and email verification, wherein an OTP is sent to my email, which must be entered using my Login for it to be a success. So, when /Start Authentication is called, two MechanismID will be generated as a response.
4. Next, Advance Authentication is hit, in which session ID and both Mechanism ID are included using Multiple Operations, along with the password of the user.
5. Once /AdvanceAuthentication is called in the postman, “StartOOB” sends an email with an OTP.
6. Next, /AdvanceAuthentication is called AGAIN. In which MechanismID of the email verification is included along with OTP.
7. Authentication is complete, “Login Success” will be shown in the Response.
That’s how you get authenticated for Centrify’s MFA when using API. These above steps using postman will give you a clear idea on the workings of MFA’s API to get started in your in-house development.
How to reset the Forgotten root password in AWS-EC2 InstanceIt is often found challenging or sometimes difficult to reset the forgotten root password in the AWS system. Administrators, and analysts have their task cut out already with deployments or overseeing smooth...
Identity and Access Management – Your first choice to Avoid a Data BreachIAM is the first choice to avoid a data breach. Many organizations, and government agencies seem to ignore this fact completely or simply don't give importance to it. IAM is also termed...
Security Orchestration, Automation and Response (SOAR) – Own it or get it ManagedIn today's dynamic IT security landscape, rising security alerts and falling skills shortage is forcing IT decision-makers look at suitable solutions. Deploying security...
Stay Up to Date With The Latest News & Updates
Join Our Newsletter
Unleash more of your potential with weekly updates, tailored for your team.