Starling Two-Factor Authentication Hosted - HTTP Module Administration Guide

Starling Two-Factor HTTP Module

Starling Two-Factor HTTP Module configuration

You can configure Starling Two-Factor HTTP Module for two-factor authentication by setting the required parameters in Starling Two-Factor HTTP Module Configuration window. In the configuration window, you can configure your Starling Two-Factor Authentication subscription and push notification details, user repository details and protected server site details. These details are required to carry out two-factor authentication.

Configuring Starling Two-Factor Authentication

To configure Starling Two-Factor Authentication:

  1. Click the Configuration tab, provide the following details:
    • Subscription key: The subscription key obtained from Starling Two-Factor Authentication Dashboard.
    • Message: The push notification message that has to be displayed on Starling 2FA app.
    • Timeout (seconds): The duration for which the push notification message received on Starling 2FA app is valid.

 

Configuring protected websites

Configuring protected sites

Starling Two-Factor HTTP Module allows you to protect your websites. You can add the websites that you want to protect using Starling Two-Factor HTTP Module in the Protected server sites tab. The tab lists the websites in the domain. You can select the required websites that has to be protected. Protection can be enabled at server sites and application level selectively.

To configure the protected sites:

  • On Protected server sites tab, select the websites that you want to secure with Starling Two-Factor HTTP Module from the tree view and click Apply or OK.

NOTE: Web applications having dependent sites will also show Starling Two-Factor authentication page, since they internally access the same URL.

For Example: If the user protects OWA web application with Starling Two-Factor authentication, ECP or all dependent websites which also access OWA internally will see Starling Two-Factor authentication page. Access control is determined by the most specific path match found.

NOTE: Certain web applications do not allow editing the 'web.config' file. The user must not select these web applications for 2FA protection, as “Error while adding the module in web config for selected sites” message may be displayed.

Logging into the client application

 

To log into the client application, you can use OTP or push notifications for two-factor authentication. The following are the scenarios that you will come across while generating OTP or push notifications.

NOTE: When you are logging into the client application for the first time, you will receive an SMS to install Starling 2FA app during two-factor authentication, if:

  • you have not installed Starling 2FA app and
  • the Installation instructions option in Starling Two-Factor Authentication Dashboard is enabled.

In this section:

Related Documents