Login with OTP (one time password)

Hello and Happy new Year,

We need the users to access Dundas through an OTP sent as SMS and/or email with 5 minute validity.
We received the following article from Dundas support, but the article is related to SSO, which we don't need.
We don't have a problem with a solution being built as a custom login for Dundas, but not with using SSO.

https://www.dundas.com/support/learning/documentation/administration-configuration-customization/enabling-federated-authentication

1 Like

You can create a custom account provider and define the authentication method that suits your requirements: https://www.dundas.com/Support/developer/samples/extensions/create-a-custom-accounts-provider

Dear Ariel,

Thank you for your reply.

I tried to use the custom account provider as suggested, but I am still stuck with the OTP input. How can I edit the Dundas login page to accept the OTP from the user, or how can I generate another page to take the OTP from the user after I ensure that the entered user name and password are correct?

Also, I have found another solution in Dundas called Custom Login URL, with which I can provide an external page to authenticate the user, but how can I use it, or how can I redirect back to Dundas after authenticating the user in the custom page?

The web resources are very limited and I can't find any detailed information.

https://www.dundas.com/support/learning/documentation/administration/set-up-a-custom-logon-url

We are showing sensitive information in Dundas BI and we have a notice period from our security team to enable Two Factor Authentication or the tool will be blocked by them.

Your help is much appreciated.

Hi Ahmed,

Before I address how to use an OTP with a custom logon page / custom accounts provider, I'll point out that it may be worth reading up on the Federated Authentication feature to see if it's possible for you to configure Dundas BI's built-in ability to integrate with your existing authentication platform, especially if it already offers features like 2FA.

Moving on, the way that you can log your users in with an OTP from your custom logon page is using the POST /API/LogOn call from the Dundas BI REST API. The message body that you send with this call must be a JSON serialized LogOnOptions object. The LogOnOptions object has a property called “credentials” which you can populate with an arbitrary key-value pair list which you can use to transmit the OTP. The key-value pairs included in the credentials property will be passed through to your custom accounts provider which will then be able to run whatever logic you require against it.

2 Likes

Hi Davide,

Thanks for your reply.

What I got from your answer is that I can use API/LogOn from an external page, which I can populate with the OTP, then I will receive this in the custom account provider, in which I can do whatever logic I need.

Seems good and will fulfill our needs, but the question here is how I can redirect back from the external login page to Dundas BI after authentication succeeds.

Ah, I see where the confusion is. In order to do it you’ll actually want to use POST /LogOn/Token/ in order to obtain a logon token. Once you have the token you can simply direct the user to the page you want to send them to and pass the logon token in the query string of the URL as logOnTokenId.

This sample does something very similar in order to present an embedded dashboard.
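The OTP check and the final redirect discussed in this thread, as an added example that is not from any poster or from Dundas: a Python sketch of a single-use code with the 5 minute validity requested, plus the redirect URL carrying `logOnTokenId`. `OtpStore`, `redirect_with_token`, the attempt limit and the sample URL are hypothetical names and assumptions; the `POST /LogOn/Token/` call itself is not shown.

```python
import hashlib
import hmac
import secrets
import time
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

OTP_TTL_SECONDS = 5 * 60  # the 5 minute validity asked for in the thread
MAX_ATTEMPTS = 5          # assumption: cap wrong guesses per issued code


class OtpStore:
    """In-memory OTP store (hypothetical); use a shared store across servers."""

    def __init__(self, clock=time.time):
        self._clock = clock
        self._pending = {}  # account -> [salt, digest, expiry, attempts_left]

    def issue(self, account):
        code = f"{secrets.randbelow(10**6):06d}"  # CSPRNG, 6 digits
        salt = secrets.token_bytes(16)
        digest = hashlib.sha256(salt + code.encode()).digest()
        expiry = self._clock() + OTP_TTL_SECONDS
        self._pending[account] = [salt, digest, expiry, MAX_ATTEMPTS]
        return code  # hand to the SMS/e-mail sender only; never log it

    def verify(self, account, submitted):
        entry = self._pending.get(account)
        if entry is None:
            return False
        salt, digest, expiry, attempts_left = entry
        if self._clock() > expiry or attempts_left <= 0:
            del self._pending[account]  # expired or guess budget spent
            return False
        entry[3] -= 1
        candidate = hashlib.sha256(salt + submitted.encode()).digest()
        if hmac.compare_digest(candidate, digest):  # constant-time compare
            del self._pending[account]  # single use: a replay fails
            return True
        return False


def redirect_with_token(target_url, logon_token_id):
    """Append logOnTokenId to the target page's query string."""
    parts = urlsplit(target_url)
    query = parse_qsl(parts.query, keep_blank_values=True)
    query.append(("logOnTokenId", logon_token_id))
    return urlunsplit(parts._replace(query=urlencode(query)))
```

The logon token travels in the URL, so the redirect should only ever go over HTTPS.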