Automation Anywhere ドキュメントを読んで確認する

Automation 360

コンテンツを閉じる

コンテンツ

コンテンツを開く

Two-factor authentication

  • 更新済み: 2022/06/18
    • Automation 360 v.x
    • マネージ
    • Enterprise

Two-factor authentication

Two-factor authentication (2FA) provides a layered defense against unauthorized users from accessing the Control Room database. As an administrator, you can set up 2FA so that the users can validate their identity when logging in to the Control Room using both their user credentials and the 2FA method.

How 2FA works

2FA is an additional authentication mechanism added to your login process. 2FA is disabled by default. The Control Room administrator configures the 2FA for either all users or users with specific roles. After 2FA is enabled in the Control Room, it is now applicable to all user roles, such as シチズンディベロッパー and RPA developer or any user who logs in to the Control Room to perform any action.

When you are assigned a role that requires 2FA, you must set up an authenticator application on your mobile device and establish a connection between the authenticator application and the Control Room. On subsequent logins, you will be prompted to enter, along with the username and password, a time-based one-time password (TOTP) from the authenticator application to complete the Control Room login.

Components

Three main components are used in 2FA.
  • Authenticator application: Installed on your mobile device, this application generates TOTP for verifying your identity. All types of authenticator applications are supported that follow the TOTP protocol, such as DUO or Google Authenticator.
  • Registered device: This is the mobile device that you register in the Control Room during first login after 2FA is set up. The TOTP is generated through this registered device, which is required any time you log in to the Control Room. If your registered device is lost or unavailable, you must request the Control Room administrator to delete the device, and you can add another device later.
  • Time-based one-time password: This is a temporary password generated by an algorithm that uses the current time of the day as an authentication factor.

2FA components

Set up 2FA

  1. Enable 2FA in the Control Room.
    1. Log in to the Control Room as an administrator.
    2. Navigate to Administration > Settings > Two factor authentication.
    3. Click Edit to configure the settings.
    4. Select Enable. This is not enabled by default.
    5. Choose the settings based on your requirements:
      Option Action
      All users Select this option to enable 2FA for all users who have access to the Control Room.
      Selected roles To enable secure recording for users with specific roles:
      1. From the Available roles column, search and select roles for which you want to enable 2FA.
      2. Move these roles to the selected column.
    6. Save your changes.
  2. Optional: If a user's registered (mobile) device is unavailable or changed, delete the device and register a new one.
    1. Log in to the Control Room as an administrator.
    2. Navigate to Administration > Users.
    3. Select the user that you want to edit. Hover over the action menu (vertical ellipsis) located to the right of the username and click View user.
    4. In the Authenticators section, select the device that you want to delete, click the delete icon, and confirm deletion.
  3. Set up an authenticator application and establish a connection between the authenticator application and the Control Room.
    1. Log in to the Control Room as a シチズンディベロッパー or a Bot Creator (RPA Developer).

      Ensure that you have an authenticator application set up on your mobile device. During your first login, a QR code is displayed.

    2. Either scan the QR code using your authenticator application or manually enter the code displayed in the authenticator application.
    3. Enter the name of your authenticator and the new code generated in your authenticator application.

      This is a temporary code that is refreshed every few of minutes based on your authenticator application.

    4. Click Confirm.

      Follow the next steps in the login flow, change your password and set the security questions. You will be successfully logged in to the Control Room. On subsequent logins, you must enter the code generated in your authenticator application and confirm.

  4. Optional: You can manage (add or delete) your authenticator device.
    1. Log in to the Control Room as a シチズンディベロッパー or a Bot Creator (RPA Developer).
    2. On the Home page, click your username.
    3. Navigate to My settings > Two factor authentication.
    4. Click the plus (+) icon.
    5. Perform steps 3.b through 3.d.
    6. Optional: Select the device that you want to delete, click the delete icon, and confirm deletion.
フィードバックを送る