This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

MFA implementation for management call/ UI login.

Posted on 09-24-2016 08:53 PM
Not applicable
Reply posted on --/--/---- --:-- AM

Does an account get locked if too many invalid MFA tokens are provided? If so, what causes this and what is the procedure to unlock the account?

- What is the lifetime of a refresh token?


- Is there a quota on how often we can request a new access token? If so, is this quota at a user level or organisation level?

0 1 102
Topic Labels
0 Likes
1 REPLY 1

Posted on --/--/---- --:-- AM
Not applicable
Reply posted on --/--/---- --:-- AM


1. Yes. The account gets locked for a period of 5 minutes if the user enters 5 incorrect MFA tokens consecutively. ( After 3 tries, the user is alerted that too many retires will lock his account), So the account is unlocked in 5 minutes. It is time bound. There is no process of unlocking the user.



2. Refresh token validity not tied to Multi factor Authentication, it depends on the client. ( edgeui and edgecli clients which are used to access the MGMT UI and mgmt API calls have a refresh token validity of 84600 seconds).



3. There is no quota/limit on how often someone can request for an access token.

0 Likes
Top Solution Authors
View all