Use Akamai MFA
Akamai MFA two-factor authentication
Enterprise Application Access (EAA) allows you to use Akamai MFA as a second-factor authentication (2FA) for an Akamai identity provider (IdP). With both Enterprise Application Access and Akamai MFA on the same contract, the users from all of EAA directories may be provisioned into Akamai MFA. This action is executed from the Akamai MFA service.
Integrate Akamai MFA with EAA
Enterprise Application Access ( EAA) and Akamai MFA must be available in the same contract.
Generate your integration credentials in Akamai MFA.
Configure Akamai MFA as a 2FA in Enterprise Application Access Akamai identity provider.
a. Log in to Enterprise Center.
b. In the Enterprise Center navigation menu, select Application Access > Identity & Users > Identity providers.
c. Select your identity provider. Check if added the directory with your users to this identity provider.
d. Select Settings > MFA enable IdP MFA policy. It's optional to enable the IdP MFA policy.
e. Select Akamai MFA as one of the MFA Factors.
Note: You can also select Email, TOTP, SMS, or Duo as a second factor along with Akamai MFA.
f. Paste the integration credentials: Integration ID, Signing Key, and API Host.
g. Select Akamai MFA UserID attribute.
It determines the attribute that is sent as the username in Akamai MFA. Choose one of the following:
SAM account name
User Principal Name (UPN)
Domain/SAM account name
Directory Login Preference
Note: If you associate multiple directories with this IdP that have different login preferences, then choose Directory Login Preference as the Akamai MFA UserID attribute so that the correct username field is used to register/verify Akamai MFA. Otherwise, you get an error
Your MFA configuration has failed, when you log in to access the application.
h. Click Save.
i. Deploy the identity provider.
Assign the identity provider to one or more EAA applications.
The identity provider must be assigned to at least one EAA application for Akamai MFA to be used.
Deploy the application.
Log in to the application through a web browser.
Enter your first-factor authentication like username, and password, or select the certificate.
New users are redirected for Akamai MFA registration.
Install Akamai MFA mobile app on google android or iphone and choose in-line enrollment for your smartphone, phone, iPad or tablet. See Self-enroll in Akamai MFA for more details.
The user is redirected to the application to access the resource.
If you configured multiple MFA methods, also see Configure end-user's device to receive MFA tokens to learn how end users can receive MFA tokens on their device and configure the primary method.
Updated 7 months ago