Two-Factor Authentication Settings
For additional security, administrators can configure two-factor authentication (also referred to as multi-factor authentication) for end users accessing AppsAnywhere. This adds an extra layer of security to the system as end users need to provide a code or additional authentication to access AppsAnywhere resources.
There are two methods of configuring two-factor authentication:
Users are prompted for two-factor authentication when logging into AppsAnywhere
Application launches are configured to prompt for two-factor authentication using Swivel
Two-factor authentication on login
Using this method, two-factor authentication is not configured directly in AppsAnywhere, instead administrators configure a third-party single sign on method which has two-factor authentication enabled. The most common types are OAuth 2.0 (e.g. Azure AD or ADFS) and SAML 2.0.
Administrators will need to refer to their identity provider for details on configuring two-factor authentication in the third-party single sign on system.
Once setup, AppsAnywhere can be configured to direct users to the single sign on method when they access the base URL by setting the Action for Unauthenticated Users to redirect to the single sign on URL. Users will then be prompted for two-factor authentication.
See Configuring SSO Defaults for more information.
Two-factor authentication on applications
This is configured in AppsAnywhere Admin once a Swivel API server has been configured. Refer to the Swivel provider documentation for more information on configuring Swivel.
Once a Swivel API server has been setup, it can be connected to AppsAnywhere.
Navigate to Settings > Two-Factor Authentication
Set Enabled 2FA Module to Swivel.
Enter the Swivel API URL.
Enter the Swivel API Secret.
Set the correct Version.
To enable two-factor authentication on applications
Edit the application.
Set the Secure With Two-Factor Authentication?
Never will not prompt for two-factor authentication.
Always will prompt on every launched.
Off-Site Only will only prompt when the user is defined as being off site.
Save the application.