cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Synthetic Monitor - MFA Authentication

saldrich
Participant

Hello DT Community Team,

Recently we have been working on enhancing our DEM using synthetics and the 2 business critical applications that we are working on have higher levels of Security. Application admins that gave us credentials to use for these 2 apps have enough access to give us local accounts to use, but the truth is in production environment most of our clients are signed up for multi-factor auth (MFA) either using SMS OTP or Authenticator. More and more apps will be moving to MFA for higher security.

The challenge is how do we incorporate MFA as part of synthetics? Originally I thought of using JS API call to GET the OTP directly from the RSA server but that’s not easily feasibly or in some cases its not feasible at all to get OTP using API call.

Please let me know your thoughts.

Let me know if you require any further information from us.

3 REPLIES 3

saldrich
Participant

One of our use cases would actually be to verify the MFA service to make sure its up and running. 

 

DanielS
DynaMight Guru
DynaMight Guru

Hi @saldrich in my case, I need to obtain a token that in another step I was able to use to start the session.

I leave you a link to this post that could be useful to you.

The true delight is in the finding out rather than in the knowing.

dannemca
DynaMight Guru
DynaMight Guru

I am using an OTP generator app in node.js, hosted in a container, to provide the OTP code based on the user details (same code used by auth apps like google auth).

I have created a js event to call the OTP generator app, get the code, stores in a var, and in the next event, keystroke the var in the OTP field.

The link @DanielS posted should do the job you need.

Site Reliability Engineer @ Kyndryl

Featured Posts