Stores > Settings > Configuration > Security > 2FA
General
General
| Field |
Scope |
Description |
| Providers to use |
Global |
Indicates the two-factor authentication (2FA) solution(s) that can be used to log in to the Admin. Authentication by only one 2FA solution is required to log in. If more than one 2FA solution is implemented, each user can choose the one they prefer to use.
Before logging in to the Admin, each user must follow the provider’s instructions to install the app or complete other setup requirements. For complete details, see Two-Factor Authentication. |
| Configuration Email URL for Web API |
Global |
For custom implementations, the URL for an alternate email configuration link that is sent to Admin users at first login. In the email template, use the placeholder :tfat to indicate where the token is injected. |
Google
Google
| Field |
Scope |
Description |
| OTP Window |
Global |
The lifetime in seconds of each one-time password (OTP) generated by Google Authenticator. Default: 30 |
Duo Security
Duo Security
| Field |
Scope |
Description |
| Integration Key |
Global |
The integration key from your Duo Security account. |
| Secret Key |
Global |
The secret key from your Duo Security account. |
| API Hostname |
Global |
The API hostname from your Duo Security account. |
Authy
Authy
| Field |
Scope |
Description |
| API Key |
Global |
The API key from your Authy account. |
| OneTouch Message |
Global |
The message that appears in the Authy authenticator at login. Default: Login request to your Magento Admin |
U2F Key
U2F Key
| Field |
Scope |
Description |
| WebApi Challenge Domain |
Global |
The domain that is used to issue and process WebAuthn challenges for custom WebAPI implementations. |
