You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 27 Next »

Multi-Factor Authentication (MFA) is a method which is used to strengthen the security of a file, website, etc, and adds extra protection to the sign in process. It is an authentication method which allows the user access to a website/application once the user has provided the two (or more) pieces of information to verify identity;
WMDA uses passwords and authentication applications as the two, alongside texts/calls. 

Common issues

Issue 1

Error: 

Request Id: 12345678-2e3b-4c96-8e98-e10e6ec52400
Correlation Id: 12345678-0f20-4d51-9012-13e6313806a8
Timestamp: 2022-10-17T09:26:02Z
Message: AADSTS90072: User account 'test.person@testorg.org' from identity provider 'https://sts.windows.net/12345678-abcd-1234-a1b2-123456789abc/' does not exist in tenant 'WMDA Services' and cannot access the application '18373cfc-5469-463f-8793-bd3d30fb9a9b'(WMDA - Search+Match SPA Prod) in that tenant. The account needs to be added as an external user in the tenant first. Sign out and sign in again with a different Azure Active Directory user account

Issue & solution: 

You are logged in with your organisation's Microsoft account (in this case test.person@testorg.org) in the same browser as the one you are using for logging into Search & Match or other WMDA services. You are probably using it for services such as Office365/Microsoft365 which include outlook. In order to prevent these issues please use a browser that is not logged into your organisation's office365/microsoft365 account. You can also use incognito/inprivate mode for that. 

If the issue persists, please let us know at support@wmda.info and we will look into what we can do for you. 


End User guide 

This document is a guide to help aid users of the system to set up the required security verification methods to access the Search & Match Service. 

Initial setup: 

StepDescriptionImage
1

Please go to this web page. You can also go to https://portal.wmda.info/ and click on: 

"Partner sign in" 

followed by 

"Forgot your password?"



2Follow the steps to verify your e-mail address and set up your initial password. 


3

Enter a new password in the upper text box and confirm it in the lower text box



4Please read the content and click "Accept" on the screen below.


5Now, you will need to set up “Multi Factor Authentication”. 

Click Next.

Search & Match Front end

6

Choose your MFA method. You may choose

  • using an authenticator app on your smartphone
  • using an SMS on your mobile phone
  • using a hardware token
  1. We recommend Microsoft Authenticator if it is available in your region and on your smartphone/device if you have one.  Download (from your smartphone/device) and install it if you don’t already have it.  It makes for the easiest MFA login experience.

  2. Alternative MFA tools are Authy or Google Authenticator, and there may be other options in your region

    (Please let us know so we can add them to our documentation!)

  3. If you don’t have access to a Smartphone, and SMS service is better in your area than 3G/4G/5G coverage, then you can receive MFA codes via SMS.  Click “I want to set up a different method”. 

    Note that there is a small cost to the WMDA to use SMS for MFA, so please use this option only if necessary.

  4. If you are not allowed to use a smartphone you may use
    hardware tokens that supports TOTP.
    Hardware tokens are devices that work independently from a PC or Phone.

    We recommend only to use only certified tokens, eg . from https://token2.eu

    Tokens should minimally support TOTP, this is a single use six digit code that is uniquely bound to your account and changes every 30 seconds.

    Examples of hardware tokens :




    Example use : Token2 Molto

    This type of device is programmed once. Once programmed they provide the TOTP code without the use of a PC or mobile phone.

    You can program these devices with either a mobile phone that has NFC, or via USB, depending on the model. 

    Some models allow to store keys for up to 10 different accounts.



    There are tokens that need a mobile phone with NFC and an companion app to generate the TOTP code. WMDA does not recommend these tokens. Contact support@wmda.info if you have questions selecting the correct token for your situation.






7

Proceed with setting up your second factor method:


If you want to use Microsoft authenticator :












8

Continue set up:
There are a few more screens to work through, which will vary according to which MFA approach you use. 

Open the Microsoft Authenticator app and follow the instructions given.

Firstly click the "+" symbol to add the account and choose the "Work or school account" option, then choose the "Scan QR code" option.

         

The app will then access your camera, allowing the user to scan the QR code displayed on the webpage on the computer (it is displayed once the user clicks "Next" on the webpage).

Now the authenticator has been set up, head back to the webpage on the computer for the final confirmation.











9Check if the authenticator works

To ensure the MFA was set up correctly, the system will ask the user to verify the the authenticator with a verification code, which is displayed on the next page of the app.

Once all complete, you should be brought back to the original home page, and it should show your email in the top right.

10

Logging in

When logging in, after having set up the MFA, the user will be prompted to approve the login, either by entering the code from your authenticator, or tapping the "Approve" pop up in your application (when using Microsoft authenticator)

The Microsoft Authenticator app will show a notification like the one below -
























  • No labels