mirror of
https://github.com/Luzifer/nginx-sso.git
synced 2024-11-10 02:10:02 +00:00
Updated MFA Provider Configuration (markdown)
parent
59dc10ba8b
commit
4ee1353ce8
1 changed files with 9 additions and 5 deletions
|
@ -26,19 +26,23 @@ The corresponding expected MFA configuration is as following:
|
|||
provider: duo
|
||||
```
|
||||
|
||||
## Google Authenticator / TOTP (`google`)
|
||||
## Google Authenticator / TOTP (`totp`)
|
||||
|
||||
The provider name here is `google` while the only supported argument at the moment is `secret`. The secret is what you need to provide to your users for them to add the config to their authenticator. (It MUST be base32 encoded!)
|
||||
This provider supports several different TOTP configurations while the default configuration is held compatible to what Google Authenticator is using. You can configure all parameters documented below though in most cases you won't need to touch any parameter other than `secret`. The `secret` must be base32 encoded while the trailing equal signs may be stripped.
|
||||
|
||||
Here is an example of the URI to provide in a QRCode:
|
||||
|
||||
```yaml
|
||||
provider: google
|
||||
provider: totp
|
||||
attributes:
|
||||
secret: MZXW6YTBOIFA
|
||||
secret: MZXW6YTBOIFA # required
|
||||
period: 30 # optional, defaults to 30 (Google Authenticator)
|
||||
skew: 1 # optional, defaults to 1 (Google Authenticator)
|
||||
digits: 8 # optional, defaults to 6 (Google Authenticator)
|
||||
algorithm: sha1 # optional (sha1, sha256, sha512), defaults to sha1 (Google Authenticator)
|
||||
```
|
||||
|
||||
`otpauth://totp/Example:myusername?secret=myverysecretsecret` ([Docs](https://github.com/google/google-authenticator/wiki/Key-Uri-Format))
|
||||
`otpauth://totp/Example:myusername?secret=MZXW6YTBOIFA` ([Docs](https://github.com/google/google-authenticator/wiki/Key-Uri-Format))
|
||||
|
||||
## Yubikey (`yubikey`)
|
||||
|
||||
|
|
Loading…
Reference in a new issue