Multiple Users same login

We have a software provider that connects via VPN for support & maintenance of their product on our network. The support is done via their Help Desk. There is one support email, but the support personnel connecting could be any number of techs within the Help Desk. I can imagine the headache of tracking down the one cell phone with the AuthPoint App. Is there another way to authenticate the MFA in this type of scenario?

Answers

  • james.carson Moderator, WatchGuard Representative

    Hi @KRob

    The customer could potentially use a hardware token (like the AuthPoint hardware token, or another compatible TOTP-type token).

    Failing that, I would suggest making multiple accounts for your vendor so each has their own token.

    -James Carson
    WatchGuard Customer Support

  • Thanks, but it appears that even with the hardware token the AuthPoint App on a cell phone is still required for authentication. I was hoping to avoid that. How does the IdP Portal work and is it a potential solution?

  • james.carson Moderator, WatchGuard Representative

    Hi @KRob

    The IDP portal allows users to log into it, and then select the applications they'd like to use. The IDP portal signs the user into the service via SAML.

    You can find more info about it here:
    https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/authpoint/idp-portal_about.html

    The IDP portal doesn't replace your users' MFA tokens - they'll still need to log into the IDP portal using whatever authentication policy you have set up, which will likely require entering a one-time password (OTP), scanning a QR code, or accepting a push notification.

    -James Carson
    WatchGuard Customer Support

  • I believe the IdP Portal with the hardware token could be the answer for us. I'll test it out using OTP first. Thanks again
