The question is about the ON-PREM MFA server and Single Sign-On.
Hello,
We have a bit of an odd setup.
On one of our MFA servers, users are created manually and the server is not configured with an identity source to validate the users. This means that users are not able to log in to the User Portal.
The call for the second factor for the user in question occurs when a user tries to launch an application from a web portal. Once a link is clicked, the web server initiates a call to the Web Services API and invokes the second factor for the user, while the user sees the corresponding prompt (OATH) to enter a challenge.
It has been requested that users switch from OATH token to Auth App.
The ideal solution - allow users to log in to the User Portal and follow the communicated steps to enable and configure Auth App on their phone.
Alternatively, the entire service desk team would go through the logistics nightmare of communicating the QR code to the end-users.
Is there any way to configure SSO login for the users?
Is it possible to utilize the configured 2FA as a first authentication method, if password login (since there's none) cannot be used?
Any other possible approach to resolve the issue?
Thank you.