Multifactor

Multifactor

  • Demo
  • Theory
  • Practice
  • Login

›Knowledge Base

Introduction

  • Introduction
  • Features
  • Authentication methods

Connection

  • Getting started
  • Integration
  • HTTP API

    • API
    • Access requests
    • User Management
  • RADIUS protocol
  • RADIUS Adapter

    • General Information
    • Windows
    • Linux
  • Self-Service Portal

About Us

  • Public offer
  • Privacy
  • Infrastructure
  • Payments and refund
  • Company

Knowledge Base

  • FAQ
  • Integrating .NET Core
  • ASP.NET Integration
  • OpenVPN setup
  • Configuring OpenVPN + AD
  • Configuring OpenVPN Access Server
  • Cisco ASA VPN setup
  • Configuring Check Point VPN
  • FortiGate VPN Configuration
  • Windows RDP setup
  • Configuring the Network Policy Server
  • Configuring Outlook Web Access
  • Let's Encrypt Windows Server
  • Configuring Linux SSH
  • Configuring Linux SUDO
  • VMware vCloud Director Configuration
  • Customizing VMware Horizon
  • Configuring VMware Horizon Cloud
  • Configuring Citrix Gateway
  • Huawei Cloud Configuration
  • Yandex.Cloud Configuration
  • Disaster recovery

Help

  • Authentication enroll
  • Authentication
  • Administrator panel

Huawei Cloud Two-factor authentication

Overview

This article shows how to set up two-factor authentication for the Huawei Cloud.

Huawei Cloud supports federated SAML authentication (Single Sign-On). It allows you to configure Huawei Cloud access for your existing user base and set up multifactor authentication with centralized access management via Multifactor.

Manually created Huawei Cloud accounts will continue to work for administrative purposes.

Multifactor does not request and store your users' passwords. Accounts and first-factor authentication methods are managed and verified locally with your Identity Provider (IDP) of choice.

List of supported IDPs:

  • Active Directory
  • GSuite (Google)
  • Yandex
  • List is extending

Operational Principle

  1. Huawei Cloud and Multifactor establish mutual trust by sharing public certificates and setting up a Single Sign-On and Single Log Out addresses.
  2. After the authentication request, Huawei Cloud forwards the user to the Multifactor page.
  3. Multifactor redirects user to IdP's authentication page (GSuite, Active Directory, Yandex).
  4. After confirmation of the first factor, Multifactor requests two-factor authentication and returns the signed request to Huawei Cloud.

Configure Multifactor

  1. Visit your account page and create new Site->SAML application in "Resources" section:
  • Title: arbitrary
  • Address: Huawei cloud address
  • Identity provider:
    • Gsuite for using Google accounts
    • Yandex for using Yandex accounts
    • Active Directory for Microsoft domain accounts
  • Portal address:
    • If you selected the Active Directory account provider, enter the address (either configured internally or externally) of a self-service portal.
  1. Save settings.
  2. Press "upload metada" and enter the address:
  • https://HUAWEI_CLOUD_DOMAIN/authui/saml/metadata.xml
  1. Download the file with Multifactor metadata as you will need it for further configuration.

Configure Huawei Cloud

  1. Navigate to "Management & Deployment" -> "Identity and Access Management."
  2. In the "Identity Providers" menu, create a new provider:
  • title: Multifactor
  • protocol: SAML and save the changes
  1. In the "Identity Providers" menu, click "Modify" in the Multifactor item
  • save Login Link — this is a multifactor authentication login address
  • upload the Multifactor metadata file to the "Metadata Configuration" section
  1. Save changes

Assign roles to users

By default, users connected via federated access have read-only rights. To configure roles, use the "Identity Conversion Rules" section by Huawei Cloud instructions.

Try it out

Log out of the Huawei Cloud Management Console and log in with your local account or via Single Sign-On.

Last updated on 8/10/2020
← Configuring Citrix GatewayYandex.Cloud Configuration →
  • Overview
  • Operational Principle
  • Configure Multifactor
  • Configure Huawei Cloud
    • Assign roles to users
  • Try it out
Multifactor
Legal info
Privacy policyPayments and refund
Company
Our historyMissionOur teamContacts
Contact us
+7 499 444 08 82sales@multifactor.prosupport@multifactor.proTelegramFacebook
© 2021 Multifactor