Twilio Authy
Cloud CMS supports Twilio Authy for Multifactor Authentication.
To configure Authy, you will need to supply the following:
apiUrl
apiSecret
These values are available from your Authy Settings page.
Service Descriptor
If you're adding an Authenticator via a Service Descriptor:
- the Descriptor Type should be
TWILIO_AUTHY
. - the Descriptor Configuration should look like this:
{
"enabled": true,
"providerType": "authy",
"providerConfig": {
"apiKey": "MY_API_KEY",
"apiUrl": "MY_API_URL"
}
}
Where
MY_API_KEY
(required) is your Authy API KeyMY_API_URL
(optional) is your Authy endpoint URL (default ishttps://api.authy.com
)
Here is a screenshot of some sample settings:
Global Settings
You can set up system-wide Authy configuration by adjusting the following in your docker.properties
file:
org.gitana.platform.services.authenticator.authy.apiKey=
org.gitana.platform.services.authenticator.authy.apiUrl=
These settings will be used for any system-defined or service descriptor-defined Authenticators that do not
provide these values.
System Authenticator
You can also instantiate system Authenticators like this:
<bean id="authyAuthenticatorRegistrar" class="org.gitana.platform.services.authenticator.AuthyAuthenticatorRegistrar">
<property name="id"><value>MY_AUTHENTICATOR_ID</value></property>
<property name="apiKey"><value>MY_API_KEY</value></property>
<property name="apiUrl"><value>MY_API_URL</value></property>
</bean>
Where
MY_API_KEY
(required) is your Authy API KeyMY_API_URL
(optional) is your Authy endpoint URL (default ishttps://api.authy.com
)
The MY_AUTHENTICATOR_ID
value must be unique across all Authenticator instances for a given type.
These Authenticators will be available to your platform and can defined and maintained within your Spring config.
Authy Binding Properties Factory
Use the AuthyAuthenticatorBindingPropertiesBeanFactory
bean to create Authy-specific binding properties.
Like this:
<bean class="org.gitana.platform.services.authenticator.authy.AuthyAuthenticatorBindingPropertiesBeanFactory">
<property name="authyId"><value>AUTHY_ID</value></property>
</bean>
Authy Descriptor Factory
Use the AuthyAuthenticatorDescriptorBeanFactory
bean to create Authy-specific descriptors.
Like this:
<bean class="org.gitana.platform.services.authenticator.authy.AuthyAuthenticatorDescriptorBeanFactory">
<property name="id"><value>MY_AUTHENTICATOR_ID</value></property>
</bean>
Example: Configure the Admin User to use Authy Security
Start by defining an authenticator called test
:
<bean class="org.gitana.platform.services.authenticator.authy.AuthyAuthenticatorRegistrar">
<property name="id"><value>test</value></property>
<property name="apiKey"><value>API_KEY</value></property>
<property name="apiUrl"><value>API_URL</value></property>
</bean>
Then bind the admin user to the authenticator using our factories from above:
<bean class="org.gitana.platform.services.authenticator.BindAdminUserSystemAuthenticator">
<property name="bindingProperties">
<bean class="org.gitana.platform.services.authenticator.authy.AuthyAuthenticatorBindingPropertiesBeanFactory">
<property name="authyId"><value>AUTHY_ID</value></property>
</bean>
</property>
<property name="descriptor">
<bean class="org.gitana.platform.services.authenticator.authy.AuthyAuthenticatorDescriptorBeanFactory">
<property name="id"><value>test</value></property>
</bean>
</property>
</bean>