US English (US)
FR French
DE German
PL Polish
SE Swedish
FI Finnish

Contact Us

If you still have questions or prefer to get help directly from an agent, please submit a request.
We’ll get back to you as soon as possible.

Please fill out the contact form below and we will reply as soon as possible.

English (US)
US English (US)
FR French
DE German
PL Polish
SE Swedish
FI Finnish
  • Log in
  • Home
  • Identity Governance and Administration (IGA)
  • IGA solution library
  • Instructions & guidelines
  • Configure authentication

Configure: OTP Using external application

One Time Password

Contact Us

If you still have questions or prefer to get help directly from an agent, please submit a request.
We’ll get back to you as soon as possible.

Please fill out the contact form below and we will reply as soon as possible.

  • Service Management
    Matrix42 Professional Solution Matrix42 Core Solution Enterprise Service Management Matrix42 Intelligence
  • Identity Governance and Administration (IGA)
    IGA overview IGA solution library
  • Platform
    ESM ESS2 ESS Efecte Chat for Service Management Integrations Add-ons
  • Release Notes for M42 Professional, IGA, Conversational AI
    2026.1 2025.3 2025.2 2025.1 2024.2 2024.1 2023.4 2023.3 2023.2 2023.1 2022.4 2022.3 Release Information and Policies
  • Other Material
    Terms & Documentation Guidelines Accessibility Statements
  • Services
+ More

    • Service Management

    • Identity Governance and Administration (IGA)

    • Platform

    • Release Notes for M42 Professional, IGA, Conversational AI

    • Other Material

    • Services

Configure: OTP Using external application

One Time Password

Configure: OTP using external application

In this article is described instructions for configuring Secure Access component to be able to authenticate Customers end-users to Matrix42 Pro/IGA solutions (like for example IGA, ITSM etc.), build on top pf Efecte Service Management Platform by using 2FA (Two-factor authentication).

Keycloak allows 2FA to be configured, by using either 'Google Authenticator', ‘Microsoft Authenticator’ or 'FreeOTP' application - that users will have to install in their phones.

 

 

Step-by-Step Instructions

  1. Login with ESA Admin (main.admin) to URL domain.com/auth/admin

     
  2. Open Authentication settings from the left side panel. And then in 'Required Actions' tab,  in action: 'Configure OTP', tick box for 'Set as default Action'.


     
  3. In Authentication select three dots and 'Bind flow' and determine what is the flow linked to the 'Browser Flow' (in the example below, the flow linked to 'Browser Flow' is 'Efecte Login')


     
  4. In 'Authentication', select 'Flows' tab, then select the flow linked to the 'Browser Flow' (in our example, it was 'Efecte Login'), then  click on 'Add step' button, and select 'OTP Form'

     
  5. Mark 'OTP Form' as 'Required'. After that 2FA is configured. 

     
 
 

Login

Then, next time that a user logs in, first, the user will have to write his/her credentials and immediately afterwards, he/she will have to configure OTP (with instructions presented on the screen) and write the generated One-time-password (OTP).


For all success log-ins, the user will have to provide credentials and then the one-time-password provided by the authenticator application that should already be installed in his/her phone.

In case the user lost/changed his/her phone, so he doesn't have the one-time-password application installed in his phone anymore,  we must delete the user's entry in ESA admin side. This way, the user will be able to reconfigure his/her one-time-password application next time that he/she will login to Matrix42 Pro/IGA.


 

 
 

 






 

configure 2fa

Was this article helpful?

Yes
No
Give feedback about this article

Table of Contents

Related Articles

  • Configure: IGA Starter Package

Copyright 2026 – Matrix42 Professional.

Matrix42 homepage


Knowledge Base Software powered by Helpjuice

0
0
Expand