Introduction

Multi-Factor Authentication (MFA) is key to a healthy security and identity protection posture. Users can log into the Avanan portal using MFA in one of these ways.

1. Log in via Microsoft / Google – then in the Google/Microsoft directory, set the relevant MFA settings. For more information, see User Management.
2. Log in via a standard password and add Google Authenticator confirmation on top of it.

Prerequisites

• Users must download and install the Google Authenticator app on their mobile phones. For more information, see https://support.google.com/accounts/answer/1066447.
• To allow administrators to configure MFA login via Google Authenticator, contact Avanan Support.

Enforcing MFA for a User

The Admin must enforce the MFA for a user.

1. Log in to the Avanan portal.
2. Click System Settings > User Management.
3. Click the  icon of the user you want to update and select Edit.
4. Under Login Method, select the Require Multi-factor authentication checkbox.
   Note - You must select at least one of the login methods; Google, Password, Microsoft, or SAML.
5. Click Update.
   A pop-up window appears and shows that the user has been updated successfully.
6. Click Ok.
   Note – If you don’t see these options in your Avanan portal, contact Avanan Support.

Enabling MFA by a User

After the Admin enforces MFA, the user must enable the MFA.

1. Log in to the Avanan portal.
2. In the Overview, open the menu under your user name in the top right corner and select MFA Setup.
   
   The MFA Setup screen appears that shows the QR code.
3. Open the Google Authenticator app on your device and scan the QR code.
   The Avanan portal is added to the Google Authenticator app and shows the authentication code.
4. In the Enter the Auth Code field, enter the authentication code.
5. Click Enable MFA.
6. Click Ok.
   The screen shows the authentication status.

Logging in via Google Authenticator - End User Experience

1. The user logs into the Avanan portal with the configured password.
2. The user opens the Google Authenticator app and copies the six-digit authentication code for the Avanan portal.
   Note - The six-digit authentication code is valid only for 30 seconds. After 30 seconds, a new code is generated.
3. The user enters the authentication code from the Google Authenticator app in the MFA Code field in the Avanan portal.
4. The user clicks Submit.
   After successful authentication, the user is logged into the Avanan portal.