mPass MFA User Guide
Introduction
The mPass authentication server is an OATH compliant comprehensive solution for enabling multi-factor authentication for enterprise applications such as VPN Systems, Outlook Web Access, Active Directory Federation Services, Windows/Linux systems or any in house developed applications. mPass authentication server enables strong authentication via OATH based One Time Passwords (OTP) via SMS and Mobile apps.
Purpose
The purpose of this document is to help active directory domain users to activate their mPass mobile app/token which will be used for multi-factor authentication while accessing enterprise applications/servers using mPass. Moreover, users can also verify the OTP generated on their phones with the mPass Users portal.
Application Overview
The mPass authentication user portal is a web-based application deployed within the organizations environment to facilitate users to activate their mPass mobile applications.
Features
Following features are available in the mPass user portal.
- Token Activation
- Test Token
Pre-requisites
To activate the mPass mobile app/token successfully, the following prerequisites should be met.
- The user needs a smart phone with storage of 10Mb space
- The phone should have a high resolution camera (recommended 5 megapixel or above). Camera access permission is required by the mPass mobile app to scan the QR code.
- All android devices should have minimum OS version of 5.x (Lollipop) and above.
- iPhone users must have iOS 12.x and above.
Token Activation Process
Download mobile App
The first step is for the user to download the mPass authenticator app from the app store on the users mobile phone.
- For Android users, use this link: https://play.google.com/store/apps/details?id=sa.com.is.mpass.authenticator&hl=en
- For IOS users, use this link: https://apps.apple.com/vn/app/mpass-authenticator/id6446311853
After installing the mPass mobile app, the user is recommended to read the help content displayed. After navigating through the help contents, the user is prompted to choose the mobile app PIN as shown below.
User Portal Login
After choosing the mobile app PIN on the phone, the user should navigate the user portal using a computer browser. The User portal for your organization can be accessed from the following URL: https://<mpass-server>/mpassup-web
The user should be able to view the Login screen as shown below:
Users need to enter their domain username and password in the form displayed above, users need click the ‘Sign In’ button to log into the mPass user portal.
Successfully authenticated users should be able to view the following home page:
Scan QR Code (Primary Method)
To activate the mobile token, the logged in user should click the “Token Activation” link in the left menu as shown below.
Later, the user needs to click the “Accept and Agree” button to view the QR Code. A sample is shown below.
Now, from the mPass mobile app, user should tap the ‘+’ button to scan the QR code (the mPass mobile app will request permission for the Camera from the user, users need to allow the mobile app permission to access the camera).
After scanning the QR code, the mPass mobile app should display the One Time Password (OTP) screen for the user. A Sample is provided below.
Adding Account Manually (Alternative Method)
mPass users can also add user accounts manually using the mPass mobile app. This approach should be used in the following scenarios:
- User’s mobile phone does not have a camera/user does not want to provide access to the camera for the mPass mobile app
- User has same account names across multiple environments and requires identifying them based on a pre-fix or a suffix to enter the appropriate OTP during OTP prompts.
To activate the mobile token, the logged in user should follow the below instructions.
- From the mPass User Portal click the “Token Activation” link in the left menu as shown in the below
- Select the ‘Add manually without camera’ radio button.
- Press the Accept and Agree button
- Following screen will be displayed on the user portal with the UserName and 16-digit Key.
- Now, from the mPass mobile app, user should tap the ‘+’ button
- Following screen will be displayed on the phone
- Following screen will be displayed on the phone.
- Users should enter the Username and key displayed in the user portal.
- Following screen should be displayed.
Test OTP
To verify the mPass mobile app activation, the user can optionally test the OTP generated.
To navigate to the test screen, user should click on the Test Token link as shown below.
The user should provide the current One Time Password (OTP) displayed on the mPass mobile app in the text box shown above and click the Test button.
A Successful validation message should be displayed as follows:
© 2024 All Copyrights Reserved
Related Articles
What is mPass MFA?
Introduction The mPass MFA is an OATH compliant comprehensive solution for enabling Multi-Factor Authentication (MFA) for enterprise applications such as VPN Systems, Outlook Web Access, Active Directory Federation Services (ADFS), Windows/Linux ...mPass MFA High Level Design
Introduction The mPass authentication server (AS) is an OATH compliant comprehensive solution for enabling Multi-Factor Authentication (MFA) for enterprise applications such as VPN Systems, Outlook Web Access, Active Directory Federation Services ...mPass MFA Install Windows Agent
Introduction The mPass authentication server is an OATH compliant comprehensive solution for enabling multi-factor authentication for enterprise applications such as VPN Systems, Outlook Web Access, Active Directory Federation Services, Windows/Linux ...mPass MFA Mobile Number Verification
Introduction mPass is an OATH compliant comprehensive solution for enabling Multi Factor authentication for enterprise applications. mPass provides HTTP based web services for enterprise applications to verify mobile numbers of their users by means ...mPass administration Portal
Introduction The mPass authentication server is an OATH compliant comprehensive solution for enabling multi-factor authentication for enterprise applications such as VPN Systems, Outlook Web Access, Active Directory Federation Services, Windows/Linux ...