Show Pocket Pass Key Secret in MFA Admin or Self Service
This guide is intended to be used when the end user don't have the option to scan the QR code with the device. The key can be provided by help desk staff over the phone or other method to the end user and the end user types in the key secret manually in the Pocket Pass app to create the key.
Requirements
- Backup of the server
- MFA Admin or Self service configured
Steps to show Pocket Pass Secret in MFA Admin
Login to the PhenixID configuration manager https:<server_ip/dns_name>:8443/config
- Select the general tab of the MFA Admin configuration you want to change
- Copy the ID of MFA Admin
- Select the ADVANCED tab on the top of the screen
- Click on Resources and search for "otpadmin configuration" with the guide_ref id is the same as the copied ID of MFA Admin
- Copy the content of content value
Use a tool to decode the content
- Go to for example https://www.base64encode.org/
- Paste the copied content in to "Decode from Base64 format" and select decode
- Copy the decode text and select Encode tab
- Paste the copied text in to the "Encode to Base64 format" and search for online
- After the online section add
"show_secret":true,
(make sure that format is correct)
- Click on Encode and copy the encoded text
Go back to the PhenixID configuration manager
- Paste the encode text to Content of the "otpadmin configuration"
- To save the configuration press "Stage changes" and then "Commit changes".