My developer account - strong authentication

1 votes

Improve the authentication on the developer account to make it stronger e.g. 2-factor authentication, possibly selectively (e.g. to access production credentials).

Done make-onboarding-easier make-testing-easier platform platform-phase-2 Suggested by: Tony Heap (16 Jul, '20) • Upvoted: 16 Jul, '20 • Comments: 3

Comments: 3

18 Mar, '22
Alex Lord Admin
We're building some of the under-the-covers tooling that will support this.

It is not something we would want to arbitrarily deploy however. At the end of the day, it is all added friction.

Is MFA a tool that you would expect to see cover *everything* to do with onboarding/administering your developer account?

Maybe you'd prefer to see it before making your mind up? Let us know if you would like to participate in some short user testing. We can show you where it could be deployed, and you can say if you think it is well matched? Let us know at api.management@nhs.net
02 Dec, '22
Steve Hodgson Admin
MFA (for Production only) is a planned pre-requisite for exiting Beta on the Hub/Portal side.
31 Jan
Ernest Kissiedu Admin
We have enabled multifactor authentication (MFA) for production applications.
MFA is a second form of authentication. You use it with your email address and password as an extra layer of security.
The sign-in process for your developer account remains the same.

You must set up MFA to access security details in production applications managed via the Access to Environments section of the Developer Account.
When MFA is setup, you will be asked to enter a one-time password (OTP) to access or edit:
* the public key
* API keys
* the callback URL