User:Jbond/SSO

From Wikitech

SSO at wikimedia is currently a work in progress based on the apereo cas sowftare.

It is currently reachable at https://idp.wikimedia.org and protects the following services

Enable MFA

We currently only support U2F MFA tokens at this time and this is enable by using the ldap `mfa-method` attibute. As this attribute is part of the `wikimediaPerson` you also need to ensure users have this objectClass on the user account. i.e. to enable mfa on an account add ensure the following attributes are present on a user account. The can be added using the `modify-ldap-user` cli tool 

mfa-method: mfa-u2f
objectClass: wikimediaPerson
Retrieved from "https://wikitech.wikimedia.org/w/index.php?title=User:Jbond/SSO&oldid=2143106"