|
||||||||
|
This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira |
||||||||
|
||||||||
|
This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira |
||||||||
perhaps @daniel is talking about a process similar to how the Jive Web and Jive Mobile apps authenticate?
The user logins into the Jive portal using SAML + TFA, and then goes into their settings.
01.png - http://l33.me/wp-content/uploads/2014/02/01.png
>From web app name the mobile device.
02.png - http://l33.me/wp-content/uploads/2014/02/02.png
This generates a OTP and QR code. No fears... I already deleted this auth code so its no longer active.
03.png - http://l33.me/wp-content/uploads/2014/02/03.png
>From mobile app scan QR code or input the OTP.
The mobile app saves the OTP locally (not sure exactly how), and every time the user requests data it appears to go through an authentication process to ensure that the mobile device is still valid.
I see a lot of value from an enterprise mobile app perspective for something like this. It would be awesome if the UPS could have SAML + TFA integration so users could login and generate a OTP/QR for easy mobile auth.
just my humble opinion