Secure your ixHello App with Multi Factor Authentication

Objective

Multi-Factor Authentication (MFA) is a secondary security check which does not allow a user to proceed until the user returns a code sent to their phone or email. This document will demonstrate how to use MFA with a Custom App.

Multi-Factor Authentication (MFA) Setup

ixHello allows users to set up multi-factor authentication for their apps to secure their apps from accessed by unauthorized personnel.

What does MFA setup mean?

Our goal is to demonstrate the capability of the ixHello platform to integrate with external platforms and perform CRUD operations against them via web API calls with support for MFA.

Let us look at an Alexa Skill called Contact Finder. This App will look up and return a person’s number that is stored in the contacts database. The first time a contact is requested, a 3-digit PIN is sent to the user's email and phone number. When the correct PIN is provided by the user, access is granted. By tying access to a phone or email address, MFA prevents unauthorized personnel from accessing the information. The PIN code is valid for five minutes. If a user does not interact with the skill within that time, on the next interaction, the PIN is regenerated and resent to the user's email and phone number.

An example interaction for Contact Finder in Alexa Developer console is going to be like this:

MFA Setup

MFA must be configured at these levels:

Organization
Employee

a. MFA at Organization Level

1. Login to ixHello as organization admin. Navigate to Organization menu under Administration menu in Administration section. Click on Administration > Organization.

2. On the resulting page, scroll down until you find the Require Multi-Factor Authentication checkbox. Check on the checkbox and click on Save Changes.

b. MFA at Employee Level

1. Navigate to Account Setup > Profile.

2. Scroll down and check Require Voice MFA and press Save.

Enabling MFA at App Level

The final step to enable Multi Factor Authentication (MFA) occurs when you publish the App. You can implement this to any App. Under Apps > Custom Apps, press the ellipses to open the App Publishings page.

Go to the Publish tab. Click on Add App Publishing.

At the time of this documentation, only Amazon Alexa supports MFA with ixHello. Scroll down to the Channel field and select Alexa from the dropdown. Open the Permissions tab. Press the slider to turn on Enable MFA Support.

Save and then publish the App. Select the LWA account you want to publish the app to and click on Publish to Alexa.

On success, you’ll be able to view following screen. Click on Go To Alexa Skill button to go to Amazon Alexa developer console and test the skill.

Now test the app in developer console. You’ll be welcomed with the welcome message set in publish profile. On invoking intent with the utterance, you’ll receive a 3 digit pin in your email, like this:

Provide the pin number and the intent shall provide you with the result.

Congratulations!

You have successfully completed a Secure your ixHello Skill with Multi-Factor Authentication.

Last updated 1 year ago

Was this helpful?

hashtagObjective

hashtagMulti-Factor Authentication (MFA) Setup

hashtagWhat does MFA setup mean?

hashtagMFA Setup

hashtaga. MFA at Organization Level

hashtagb. MFA at Employee Level

hashtagEnabling MFA at App Level