No edit summary |
No edit summary |
||
| Line 4: | Line 4: | ||
== 2FA in BlueSpice == | == 2FA in BlueSpice == | ||
The extensions [[Reference:OATHAuth|OATHAuth]] und [[Reference:WebAuthn|Webauthn]] make it possible to implement 2FA in BlueSpice | The extensions [[Reference:OATHAuth|OATHAuth]] und [[Reference:WebAuthn|Webauthn]] make it possible to implement 2FA in BlueSpice. They have to be configured explicitely after activation. | ||
* OATHAuth enables 2FA via one-time password | * OATHAuth enables 2FA via one-time password | ||
| Line 15: | Line 15: | ||
|+2FA in BlueSpice | |+2FA in BlueSpice | ||
!'''Extension''' | !'''Extension''' | ||
!''' | !'''Cloud''' | ||
!'''BS 4.1''' | !'''BS 4.1''' | ||
|- | |- | ||
|OATHAuth | |OATHAuth | ||
|activated | |activated | ||
|activated | |activated | ||
|- | |- | ||
|Webauthn | |Webauthn | ||
|not available | |not available | ||
|activated | |activated | ||
Revision as of 13:40, 22 January 2025
Two-factor authentication (2FA), often also called two-factor authentication, describes a user's proof of identity by means of a combination of two different and, in particular, independent components (factors). Typical examples are bank cards and PINs for ATMs, fingerprints and access codes in buildings, or passphrase and transaction number (TAN) for online banking.
2FA in BlueSpice
The extensions OATHAuth und Webauthn make it possible to implement 2FA in BlueSpice. They have to be configured explicitely after activation.
- OATHAuth enables 2FA via one-time password
- WebAuthn enables 2FA via FIDO sticks, Windows Hello!, etc.
Single-sign on (SSO): If an external authentication source (SAML, OpenIDConnect und LDAP) is implemented, we recommend to execute 2FA within these sources and not inside the wiki. Compatibility with SAML, OpenIDConnect or LDAP have not yet been tested in BlueSpice.
2FA is not possible with true SSO (LDAP/Kerberos).
| Extension | Cloud | BS 4.1 |
|---|---|---|
| OATHAuth | activated | activated |
| Webauthn | not available | activated |
