Generate Authenticator App URI Action for 2FA Integration

The Generate Authenticator App URI action, offered on the Kuika platform to enhance security, is used to initiate the two-factor authentication (2FA) process. This action generates a unique URI (Uniform Resource Identifier) that users can use to set up their accounts in mobile apps such as Google Authenticator or Microsoft Authenticator. This URI, which can be displayed as a QR code or entered manually, allows users to securely integrate their accounts into their mobile devices. This guide provides step-by-step instructions on how to configure the action, how to enable integration through the Configuration Manager, and how to include the 2FA process in your application.

2FA Configuration

Step 1: Create a Configuration

• Log in to the Kuika platform.
• Click on the Configuration Manager module in the left menu.
• To create a new configuration:
  
  • Enter a name.
  • Click on the CREATE button.

Step 2: Enabling 2FA Settings

• Go to the Authentication & Authorisation section in the configuration you created. 
• Enable the 2FA switch. 
• Enter the validity period of the verification code in the 2 Auth Duration field (e.g. 15 days).

Verification with the Authenticator App

Step 1: Use the Generate Authenticator App URI Action

• To launch the 2FA app, users click on a ‘Start 2FA’ button.
• Add an OnClick trigger to this button.

• Action: Authorisation → Generate Authenticator App URI
• When the action is executed:
  
  • A unique URI is generated for the user.
  • This URI is converted to a QR code and presented to the authentication app (e.g. Google Authenticator).
  • Optionally, the URI can also be displayed as text.

Step 2: Display QR Code

• Visualise the URI output with a QR Renderer component.
• The user scans the QR code with the mobile verification app to link their account.

Sending Verification Codes via SMS or Email

Step 1: Setting Up Verification Code Templates

• Email Builder module to customize the email code content.
• For SMS delivery, create a custom service from Kuika's Datasources module.

Step 2: Sending Verification Codes with Datasource

• Click the + icon in the Datasources module.
• Select the C# data source.

• Select the Custom Verification Code Sender Provider template.
• Create the message content using information such as User Email, User Phone, FirstName, LastName.
• Define the sending process above the return false line according to the necessary conditions.

Using 2FA at Login

Step 1: User Login Process

• The username and password are checked with the Authorisation → Encrypted Sign In action.
• Get the User Name and Password values from Current (example: Current.Email, Current.Password).

Step 2: Verification Code Entry

• After login, the system asks the user to enter a code as a second verification step.
• At this stage, the user is redirected to the ‘Verification Code’ screen.
• Access is granted after the user enters the code.

Advantages of Using 2FA

• Creates a security layer, especially for applications containing financial and personal data.
• Increases user confidence and the reliability of the application.

• In the Kuika 2FA system, user-specific secret keys are stored securely within the system.
• Each user can only log in to the mobile application with their own unique QR code.