Multi-Factor Authentication

The Unifyia application allows you to configure and manage different role-based authentication options to enable multi-factor authentication to access the Unifyia application. Using this option, for each role, you can

  • add or delete the different authenticator factors as per your organization's requirement.
  • configure either a single or a multi-factor authentication
  • configure a preferred sequence of authentication for the role when you have configured multiple credential types.
  • drag the configured authentication options to set the preferred sequence.
  • enable or disable the configured authentication factors as per your authentication policy.

The Unifyia application allows you to configure the below options for authentication for each role:

  • Certificate Based Authentication: Authentication using digital certificates encoded within smartcards or security keys
  • Multi-factor Authentication:
    • Certificate Based Authentication: Authentication using digital certificates encoded within smartcards or security keys.
    • FIDO2 passkeys: An authentication method using built-in security keys
    • Unifyia ID Wallet
      • Unifyia ID Wallet with PKI - Consent-based authentication method where a PKI credential stored on a mobile is used for signing the consent
      • Unifyia ID Wallet with Push Verify – Consent-based authentication method
      • Unifyia ID Wallet with OTP – Authentication method using One-Time Passwords
      • Unifyia ID Wallet with FIDO2 - Authentication method using FIDO2 credentials issued on a mobile device.
    • Single Sign On: Sign in with the SSO policy defined by your organization.

Certificate Based Authentication

Multi-Factor Authentication

  1. Log in to the Unifyia platform. The Dashboard page opens.
  2. Navigate to Access Control > MFA. The Multi-Factor Authentication page appears.
  3. Add MFA: You have the option to expand the current list of authentication methods configured for your organization by adding more choices. Select Add MFA and select the desired option from the dropdown menu to enable it for your organization.
  4. Set Preferred Sequence: Arrange the displayed options according to your preferred sequence to set the sequence of the authentication factors. For example, if you have configured two options - the first option as FIDO2 passkeys and the second option as CBA, and you wish to change the order so that CBA is the first option, simply drag this option to the top position in the list. As a result, the default user authentication for your organization will be set to CBA, followed by FIDO2 passkeys.
  5. Enable/Disable: Select the option Enable/Disable from the drop-down list to activate/deactivate an authentication option.
  6. Delete: To delete a listed authentication option, select the cross icon. Select Yes to confirm or No to exit the process.

Single Sign-On


Back Next
On this page