Skip to main content

Multi-Factor Authentication

Multi-factor authentication (MFA) allows securing of users' credentials within Stax that are not associated with a Single Sign-On (SSO) provider. Enabling MFA provides additional security by requiring that a second proof of identity be provided before a user is granted access to the Stax Console.

If your organization uses single sign-on to access Stax, you must configure MFA using your organization's SSO provider.

Configure MFA

  1. Log in to the Stax console

  2. Choose your name from the bottom of the left-hand nav, below the option for Support

  3. In the Personal Details section, under the Multi-Factor Authentication heading, choose **Configure Screen Shot 2023-08-25 at 2.04.35 pm.png **

  4. Choose Set up Authenticator ApplicationScreen_Shot_2022-05-30_at_10.59.46.png

  5. Using Microsoft Authenticator, Google Authenticator, or another similar MFA application that supports TOTP, scan the QR code on the web page. Enter a name for the device, as well as the current One-time code, then choose Submit. Screen_Shot_2022-05-30_at_11.03.48.png

Next time you log in to the Stax console, or using stax2aws, you will be prompted to provide a one-time code from your TOTP application. Upon successfully entering the code, you will be logged in to Stax

Screen_Shot_2022-05-30_at_11.07.57.png

Disable MFA

  1. Log in to the Stax console

  2. Choose your name from the bottom of the left-hand nav, below the option for Support

  3. In the Personal Details section, under the Multi-Factor Authentication heading, choose ConfigureScreen Shot 2023-08-25 at 2.04.35 pm.png

  4. Click Remove next to to the authentication device. The authenticator will be removed immediately and MFA will be disabled for the userScreen_Shot_2022-05-30_at_11.08.51.png

Reset MFA Token

If you've lost your MFA token, you'll require assistance from both an administrator of your Stax tenancy, and the Stax support team. Have someone who is a member of the Admin role in your Stax tenancy raise a support case requesting that your MFA token be reset.

Considerations

  • MFA must be enabled on a per-user basis, by the user, and cannot be enforced organization-wide at this time

  • MFA status is not currently exposed in the Stax API, and as such cannot be reliably determined at an organization-wide level. If you require this detail, please raise a support case requesting a report of MFA status

  • Administrators cannot currently reset MFA tokens on behalf of users, this must be achieved by raising a support case for assistance