InstaSafe | Integrate Microsoft Authenticator for Two-Factor Authentication (2FA) in ISA

Integrate Microsoft Authenticator for Two-Factor Authentication (2FA) in ISA

The Administrators of an organization might choose to increase the security posture with InstaSafe's built-in Two Factor Authentication that would prompt users for an OTP delivered to the registered Email ID and mobile number.

Users are encouraged to integrate Authenticator Apps that would provide Time-based OTPs (TOTP) for Two-Factor Authentication. This would effectively eliminate the dependency on mobile networks for SMS OTPs as well as to avoid deadlock scenarios where users can access corporate email (for Email OTPs) only after the InstaSafe Secure Access (ISA) App is connected.

This Article provides guidance on how to use Microsoft Authenticator for Two-Factor Authentication (2FA).

Step 1: Login to the ISA Portal

Once the Administrator of an organization provisions a user in the InstaSafe Secure Access (ISA) Management Console, a Welcome Email would be sent on the user's registered email ID. Click on ‘Company Signin’.
 


The ISA portal (https://<<company>>.instasafe.com) specific to the user's organization would open up. Users can make use of the credentials provided by their organization's Admins to login to the portal.



In case Two Factor Authentication has already been configured, an OTP will be sent to your registered email ID and mobile number which would need to be entered in order to proceed.
Depending on the type of deployment setup opted for by the organization, these credentials may either be the Domain Credentials (synced with the corporate IAM) or created locally in the ISA Management Console by the Admins. In some cases, the Admins might even allow users to set their own ISA passwords. In this case, users would receive an email through which they could set their own passwords, in addition to the regular 'welcome email'. 

It is expected that the Admins convey this information to all users of the organization that would be making use of the ISA solution.

Users that are locally provisioned can change their passwords within the ISA portal once logged in.

Step 2: Scan QR Code Using an Authenticator App

Once logged in, you can click on the Profile Icon at the top-right corner of the page and then click on 'QR Code'



The QR Code unique to your User Profile would be displayed. This could be scanned using Microsoft Authenticator




Step 3: Use the Authenticator App for Two-Factor Authentication (2FA)

After successfully scanning the QR Code, Microsoft Authenticator would provide Time-based OTPs (TOTP) for Two-Factor Authentication



These TOTPs could be used when logging into the ISA portal or the ISA App.

In case you are unable to integrate your Authenticator App by following these steps, please contact your organization's IT Team.

If you are an Admin of the organization's ISA Account and need assistance, contact InstaSafe Support