You can now embed MFA secret/one-time codes into the credentials that you use to log into Secure Dashboards - this will allow you to display captures of pages that are protected by Two Factor Authentication (2FA) / Time-based One-time Passwords TOTP.
Please Note
The multi-factor authentication method being used will determine whether your desired website/dashboard will function with Secure Dashboards. Secure Dashboards currently does not support multi-factor authentication methods that make use of email or SMS codes.
In this article, we will detail how you can go about carrying out the above, and how to integrate these credentials into your Authentication Settings:
Generating a new MFA secret
You will require the TOTP token for your chosen service/authentication instance in order to fill out the MFA Secret field in the following steps. This token is embedded into the QR code that is often present when initially configuring 2FA for the first time. This can be acquired in one of two ways:
Upon initial configuration of 2FA for your chosen account - you may see an “I can’t scan the QR code” option, upon clicking this a key (TOTP token) will be displayed - take note of this key.
Take a screenshot of the QR code that is displayed upon initial configuration, and upload this to a site such as https://4qrcode.com/scan-qr-code.php and this will provide you with the TOTP code that is embedded in the QR code.
Adding an MFA Secret to a new Secure Dashboards Credentials
Switch to the Data Integrations application by selecting the Menu button from the top-left of Signagelive, then selecting Data Integrations from the drop-down menu
Select the Secure Dashboards integration from the Data Sync Services > Integrations tab and click Manage
Head to the Credentials tab
Click + to add a new credential, then fill in the Name, Username and Password fields
From here, you’ll need to enter the TOTP token/Key/MFA Secret you took note of in the previous section that corresponds with the credentials you have entered - once you have this token, enter it in the MFA Secret field
Click Submit to save your credentials
Adding an MFA Secret to existing Secure Dashboards Credential
If you have the QR code or the MFA Secret/TOTP token available from when you initially set up 2FA for your chosen account, proceed to follow the steps in the previous section, if not then you will need to disable 2FA for your chosen account and then re-enable it in order to follow the steps in the previous two sections.
Once you have an MFA secret embedded into your credentials, you’ll be able to start configuring the Authentication Settings for your Dashboard.
Configuring the Authentication Settings for your MFA-enabled Secure Dashboard
This section will only cover how to correctly configure the Authentication Settings for an MFA-enabled dashboard, if you are configuring a Secure Dashboard for the first time - please follow the instructions in this article and then refer back to here if your dashboard is MFA-enabled.
If you have selected Google, Microsoft or Smart as the Login Type for your dashboard, in most cases you will not require post-login options - however, if you are using Custom then please follow these steps:
At the top of your selected dashboard, click to toggle the Advanced view
Scroll down to the Authentication Settings and set your Login Type to Custom, then select your Credentials and enter your Login URL
Under Post Login Options, ensure your Step Type is set to Enter Text
Fill in the Selector field (which will be unique to the page you are displaying)
In the Text field, enter ##{{SECRET}} and this will automatically pull your MFA secret that is linked to your selected credentials into the field when Secure Dashboards attempts to access your page
Press Add
Once you have added your desired pages, scroll to the top of the page and click Test to confirm your captures are working then click Save