authelia/docs/features/2fa/push-notifications.md
Philipp Staiger 01b77384f9
feat(duo): multi device selection (#2137)
Allow users to select and save the preferred duo device and method, depending on availability in the duo account. A default enrollment URL is provided and adjusted if returned by the duo API. This allows auto-enrollment if enabled by the administrator.

Closes #594. Closes #1039.
2021-12-01 14:32:58 +11:00

2.0 KiB

layout title parent nav_order grand_parent
default Push Notification Second Factor 3 Features

Mobile Push Notification

Mobile push notifications is the new trendy second factor method. When second factor is requested by Authelia, a notification is sent on your phone that you can either accept or deny.

Authelia leverages Duo third party to provide this feature.

First, sign up on their website, log in, create a user account and attach it a mobile device. Beware that the name of the user must match the name of the user in Authelia.

Then, in Duo interface, click on Applications and Protect an Application. Select the option Partner Auth API. This will generate an integration key, a secret key and a hostname. You can set the name of the application to Authelia and then you must add the generated information to Authelia configuration as shown below:

duo_api:
  hostname: api-123456789.example.com
  integration_key: ABCDEF
  secret_key: 1234567890abcdefghifjkl

Now that Authelia is configured, pass the first factor and select the Push notification option.

You should now receive a notification on your mobile phone with all the details about the authentication request. In case you have multiple devices available, you will be asked to select your preferred device.

Limitation

Users must be enrolled via the Duo Admin panel, they cannot enroll a device from Authelia yet.

FAQ

Why don't I have access to the Push Notification option?

It's likely that you have not configured Authelia correctly. Please read this documentation again and be sure you had a look at config.template.yml.