Jayd603 commented on issue #145:
URL:
https://github.com/apache/cloudstack-cloudmonkey/issues/145#issuecomment-2620791342
> Hi [@Jayd603](https://github.com/Jayd603) you should either just use
apikey-secretkey which doesn’t need 2FA or set username and password and use
the validate c
Jayd603 commented on issue #145:
URL:
https://github.com/apache/cloudstack-cloudmonkey/issues/145#issuecomment-2620788017
> Hi [@Jayd603](https://github.com/Jayd603) you should either just use
apikey-secretkey which doesn’t need 2FA or set username and password and use
the validate c
rohityadavcloud commented on issue #145:
URL:
https://github.com/apache/cloudstack-cloudmonkey/issues/145#issuecomment-2620658857
Hi @Jayd603 you should either just use apikey-secretkey which doesn’t need
2FA or set username and password and use the validate code api. You’re doing
both
Jayd603 commented on issue #145:
URL:
https://github.com/apache/cloudstack-cloudmonkey/issues/145#issuecomment-2619898361
I have both api/secretkey configured and working.
When trying to use createAccount I am getting 2fa failure despite issuing a
successful 'login' and 2f
contains whether 2FA is enabled or not:
{
"loginresponse": {
"username": "rohit",
"userid": "9e9ba412-d3ca-4bf4-aead-768c0b09531f",
"domainid": "d3806260-e766-11ee-b2c1-525400
rohityadavcloud commented on issue #145:
URL:
https://github.com/apache/cloudstack-cloudmonkey/issues/145#issuecomment-2011824280
I checked with help from @harikrishna-patnala and found that:
1. APIs called using apikey/secretkey bypass the 2FA checks; for most
ACS/cmk users cmk
rohityadavcloud commented on issue #145:
URL:
https://github.com/apache/cloudstack-cloudmonkey/issues/145#issuecomment-1961134519
@harikrishna-patnala could you advise how we can detect if 2FA is enabled or
an API needs some kind of inputs -> any way to implement that in a better UX
All,
During CCC21 hackathon, I explored the feasibility of a 2FA framework and a
TOTP (time-based OTP) plugin that can be used with Google Authenticator, MS
Authenticator, Authy etc.
I've used ideas of TOTP based 2FA PoC to put together a design doc for
discussion:
https://cwiki.apach
Hi Rakesh,
We have a user authentication/login framework that you can extend to do 2FA.
Something like (throwing ideas at you):
* Implement separate API to do 2FA (general purpose) and implement 2FA
plugin-framework (plugins can be sms, captcha, google authenticator)
* In UI - the 2FA
Hi Rakesh,
MFA is generally done via an IAM rather than on a per-application basis. As
Simon had mentioned, CloudStack does support SAML / LDAP so, in a general /
corporate use case, the MFA would go there. So I do not think adding support
for 2FA will add any significant benefit
That being
Rakesh,
ACS does support SAML2 and in order to deploy 2FA/MFA, you could integrate it
with an Identity and Access Management System such as Keycloak
(https://www.keycloak.org/).
-Si
From: Rakesh Venkatesh
Sent: Tuesday, August 10, 2021 4:34 AM
To: users ; dev
Hello
Has anyone thought about 2FA or about how to implement it in cloudstack?
Looks like this will be good addition to enhance the security. I have some
idea about implementing in the backend but dont have much idea on how to
display the QR code in ui or other functionalities which is needed for
12 matches
Mail list logo
