Authentication

By having implemented registration, activation and password forgotten modules as authentication modules, it allows - if you want to - to auto-login users after each of these actions.

Modules

Each module has the following options to configure.

  • Module name
  • Remember
  • Remember time
  • Authentication Levels
  • Module state
  • Show only when needed

Password

Log in with your username or email, and password. Users must exist in your tenant. Either because you have created them or because they have registered themselves using the registration module.

Time-based One-Time Password

Time-based One-Time Password (TOTP) is a well known authentication method for second-factor authentication (2FA). It is most used in combination with the Google Authenticator app.

You can safely configure the TOTP module as a second-factor. By default, this module must only be succesfully passed for users who have configured TOTP for their user account.

OpenID Connect (remote provider)

Activation

The activation module sends an email to the user with an activation link.

If this module is used as a first factor, it prompts for the user's username or email.

If this module is used as a second factor, it sends a mail to the user without prompting.

After having send the e-mail, the module shows a success message.

In most set-ups, a user has multiple ways to activate his account. For example, many services consider a login with a Facebook or Google account as a valid way to activate an account. Therefore, an account is activated based on the related activation authentication level. You can assign this authentication level to other authentication modules if needed.

Password Forgotten

Register

Facebook

If you create your own profile page, you might want to offer users the possibility to link a Facebook account to an existing account.

Google

Twitter

LinkedIn

GitHub

Chain

You cain chain modules. Note that

Account linking

A single person might want to make use of different authentication methods. He might register himself using a password first, but later wants to connect his Facebook or Google account. This can be done by account linking.