With the 2024.1 we’ve added a Multi-factor authentication.
When using it, external users will need to log in with an extra verification step. They'll get a code by email, which the app will check to allow access. The actual MFA connection is considered as the Wedia SSO.
To enable this feature on your project you will have to create a new SSO service called mfa (or as you want, keep in mind that the given name will be displayed on the BO login) and configure it as a redirection to “/sso/login.jspz”
Then you will have to switch the value for this parameter : com.wedia.mfa.MFAConfig.SigninWithoutMFAAvailable which you can find on WXM_BO_Options.
When signin in without mfa is not available, the login to the app must be made by SSO or by MFA, the form will not be presented anymore, and rest signins by login password will be rejected.
To finish the MFA configuration, you will have to add a SSO decorator on the Rest api admin.
You will have to create a decorator for the mfa provider (or the “providerName” provider) , and you have to add one additional property :
{ "isMfaProvider": true }