# Secure your ixHello App with Multi Factor Authentication
## **Objective**
Multi-Factor Authentication (MFA) is a secondary security check which does not allow a user to proceed until the user returns a code sent to their phone or email. This document will demonstrate how to use MFA with a Custom App.
## **Multi-Factor Authentication (MFA) Setup**
ixHello allows users to set up multi-factor authentication for their apps to secure their apps from accessed by unauthorized personnel.
## What does MFA setup mean?
Our goal is to demonstrate the capability of the ixHello platform to integrate with external platforms and perform CRUD operations against them via web API calls with support for MFA.
Let us look at an Alexa Skill called **Contact Finder**. This App will look up and return a person’s number that is stored in the contacts database. The first time a contact is requested, a 3-digit PIN is sent to the user's email and phone number. When the correct PIN is provided by the user, access is granted. By tying access to a phone or email address, MFA prevents unauthorized personnel from accessing the information. The PIN code is valid for five minutes. If a user does not interact with the skill within that time, on the next interaction, the PIN is regenerated and resent to the user's email and phone number.
An example interaction for Contact Finder in Alexa Developer console is going to be like this:
\
## MFA Setup
MFA must be configured at these levels:
1. Organization
2. Employee
### a. MFA at Organization Level
1\. Login to ixHello as organization admin. Navigate to Organization menu under Administration menu in Administration section. Click on Administration > Organization.
2\. On the resulting page, scroll down until you find the **Require Multi-Factor Authentication** checkbox. Check on the checkbox and click on **Save Changes**.
### b. MFA at Employee Level
1\. Navigate to Account Setup > Profile.
2\. Scroll down and check **Require Voice MFA** and press **Save**.
## Enabling MFA at App Level
The final step to enable Multi Factor Authentication (MFA) occurs when you publish the App. You can implement this to any App. Under Apps > Custom Apps, press the ellipses to open the App Publishings page.
Go to the **Publish** tab. Click on **Add App Publishing**.
At the time of this documentation, only Amazon Alexa supports MFA with ixHello. Scroll down to the Channel field and select **Alexa** from the dropdown. Open the **Permissions** tab. Press the slider to turn on **Enable MFA Support***.*
Save and then publish the App. Select the LWA account you want to publish the app to and click on **Publish to Alexa**.
On success, you’ll be able to view following screen. Click on Go To Alexa Skill button to go to Amazon Alexa developer console and test the skill.
Now test the app in developer console. You’ll be welcomed with the welcome message set in publish profile. On invoking intent with the utterance, you’ll receive a 3 digit pin in your email, like this:
Provide the pin number and the intent shall provide you with the result.
**Congratulations!**
You have successfully completed a Secure your ixHello Skill with Multi-Factor Authentication.
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://docs.ixhello.com/ixhc/apps/secure-your-ixhello-app-with-multi-factor-authentication.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.