HomeDocumentationAPI Reference
Log In

Multi-Factor Authentication with 3rd-party Authenticators

When multi-factor authentication (MFA) is enabled for PrivX users, they are required to input a time-based PIN code (in addition to their account password) to log into PrivX.



PrivX users must set up and use an authenticator app‚Äč‚Äč (such as Authy or Google Authenticator) to log in with MFA.

MFA Setup

In PrivX, MFA is enabled/disabled per user directory:

  1. On the ‚ÄčAdministration‚ÜíDirectories‚Äč page, ‚ÄčEdit‚Äč‚Äč a directory entry.

  2. Expand ‚ÄčAdvanced directory settings‚Äč‚Äč. Under the ‚ÄčMulti-factor authentication settings‚Äč section, set the ‚ÄčMFA type‚Äč‚Äč. Set it to ‚ÄčTOTP MFA (time-based)‚Äč to enable MFA; set it to ‚ÄčDisabled‚Äč‚Äč to disable MFA.

  3. Click ‚ÄčSave‚Äč‚Äč to apply the changes.

Logging in with MFA

When MFA is enabled, PrivX users can obtain their MFA code and log in as follows:

  1. Log into PrivX normally, using your user name and password.

  2. If you have not done so before, you will be asked to import your MFA code. This allows you to obtain PIN codes for MFA login.

    Scan or enter the code into your authenticator app (such as ‚ÄčAuthy‚Äč or ‚ÄčGoogle Authenticator‚Äč‚Äč). After this, your authenticator app should display 6-digit time-based PIN codes.

    Click Next to proceed.

  3. Enter the PIN code displayed in your authenticator app. After this you should be logged into the PrivX GUI.

Reobtaining MFA Codes

If a PrivX user has lost their MFA code, you can set PrivX to offer a new MFA code upon their next login:

  1. On the ‚ÄčSettings‚ÜíUsers‚Äč‚Äč page, click the user who needs a new MFA code.

  2. Under ‚ÄčMulti-factor authentication‚Äč‚Äč, click ‚ėį and select ‚ÄčReset MFA Pairing‚Äč‚Äč. Verify that the ‚ÄčMulti-factor authentication‚Äč status is updated to ‚ÄčEnabled, not activated‚Äč‚Äč.

    The user is prompted to import a new MFA code upon their next PrivX login.