My developer account - strong authentication
Improve the authentication on the developer account to make it stronger e.g. 2-factor authentication, possibly selectively (e.g. to access production credentials).
Comments: 3
-
18 Mar, '22
Alex Lord AdminWe're building some of the under-the-covers tooling that will support this.
It is not something we would want to arbitrarily deploy however. At the end of the day, it is all added friction.
Is MFA a tool that you would expect to see cover *everything* to do with onboarding/administering your developer account?
Maybe you'd prefer to see it before making your mind up? Let us know if you would like to participate in some short user testing. We can show you where it could be deployed, and you can say if you think it is well matched? Let us know at api.management@nhs.net -
02 Dec, '22
Steve Hodgson AdminMFA (for Production only) is a planned pre-requisite for exiting Beta on the Hub/Portal side.
-
31 Jan, '24
Ernest Kissiedu AdminWe have enabled multifactor authentication (MFA) for production applications.
MFA is a second form of authentication. You use it with your email address and password as an extra layer of security.
The sign-in process for your developer account remains the same.
You must set up MFA to access security details in production applications managed via the Access to Environments section of the Developer Account.
When MFA is setup, you will be asked to enter a one-time password (OTP) to access or edit:
* the public key
* API keys
* the callback URL