How to monitor applications with MFA using a TOTP

The MFA option is available only for applications that use time-based one-time passwords (TOTPs) as a two-factor authentication (2FA) method. In Site24x7, multi-factor authentication (MFA) is used for Web Transaction (Browser) monitors and SaaS Synthetics (Browser) monitors. To enable monitoring for an application with MFA using a TOTP, copy the secret key for your account from the application’s website and add it to the recorder or the monitor page.

How does MFA work using a TOTP?

MFA is the practice of adding a layer of security to the standard username- and password-based authentication. It employs a TOTP as a mechanism for authentication, which provides an added degree of protection to the online account login process. With a TOTP, a security code is generated as an authentication token. 

How to get the secret key

This option is supported only if the application uses TOTPs, a type of 2FA mechanism that relies on a mobile app like Google Authenticator or similar apps like OAuth or Microsoft Authenticator.

To monitor an application with MFA using a TOTP, you can copy your account's secret key from the application and paste it into Site24x7's Secret Key text box.

Learn more about the Salesforce secret key, Microsoft Outlook secret key, and Microsoft Teams secret key.

Web Transaction (Browser) monitor

Adding a global parameter

1. Log in to Site24x7.
2. To add the secret key as a parameter, navigate to Admin > Configuration Profiles > Global Parameters. On the Global Parameters page, click the Add Parameters button. In the pop-up that opens, enter the MFA secret key as the Parameter Value.
3. Click Save.
   

Setting the global parameter

1. Log in to Site24x7.
2. Under Add Monitor, choose the Web Transaction (Browser) monitor.
3. Enter the Base URL and Device Type and click Start Recording.
4. When recording your workflow, if you are prompted to enter the TOTP,  right-click the field where you need to enter the TOTP.
5. Select Site24x7 Web Transaction (Browser) Recorder from the list of options.
6. Choose Set TOTP Key, and then choose the name of the global parameter you've created for the secret key.
7. Now, you can record the steps in the transaction and click the Save button.
   

SaaS Synthetics (Browser) monitor

1. Log in to Site24x7.
2. Under Add Monitor, choose the SaaS Synthetics (Browser) monitor.
3. Paste the Secret key that you got from the SaaS application.
4. Click the Save button.
   

Site24x7 processes this secret key and stores it in an encrypted format. It uses the secret key to generate a six-digit code and use it. This encrypted code is retrieved each time data collection occurs and is used to log the SaaS application or website.

• Related Articles

• Monitor and validate DNS IP changes using regex

  DNS administrators often monitor their DNS servers to detect changes in domain resolution and ensure IP mappings remain secure and accurate. Problem When your organization adds or modifies an IP address for your domain name, it’s critical to: Be ...

• How do I check if URL redirection works correctly using the Website Monitor?

  A webpage can be made available from more than a single web address using URL redirection. Most redirects are automated and it becomes difficult to track if the redirection works in a specific way. This can be verified using website monitoring in ...

• Difference between a website monitor and a SOAP Web Service monitor

  Website monitor will support monitoring of any web application via POST, GET and HEAD methods of configuration. Learn more on the performance metrics provided for a website monitor. SOAP Web Service monitors , on the other hand, lets you to ...

• Monitor database issues for OpenCart or Joomla websites

  Database issues for websites developed using OpenCart or Joomla can be identified by enabling a Content Match. Configure your website response such that a particular text is always present during all success responses and absent during all error ...

• No data for service and process in Windows server monitor

  If you see "No Data" for process and service metrics (such as CPU or memory usage of monitored services) in the Site24x7 Windows server monitor user interface, follow the troubleshooting steps below. Run PowerShell Commands Open PowerShell as ...