Pega Platform supports multi-factor authentication by sending a one-time password (OTP) to a user through email and SMS. The user must enter this one-time password in your Pega Platform application for verification.
Multi-factor authentication is supported for the following use cases:
- In custom authentication services
- In case flows, to authenticate a user before critical transactions (such as a funds transfer in excess of a certain amount)
You can configure your Pega Platform application to use multi-factor authentication by completing the following steps:
- Configuring multi-factor authentication policies
To control the behavior of multi-factor authentication, configure the multi-factor authentication policy settings on the Security Policies landing page.
- Generating a one-time password
Generate a one-time password to provide a mechanism for securely logging in to an application running on Pega Platform.
- Verifying a one-time password
You can verify a one-time password by calling an activity or an API.