ESUP-OTP
An open-source Multi-Factor Authentication provider for Apereo CAS
- Aymar Anli - Université Paris 1 Panthéon-Sorbonne
- Vincent Bonamy - Université de Rouen Normandie
- Mathilde Guérin - La Rochelle Université (speaker)
Presentation Outline
Hang on! A few words about ESUP first!
-
ESUP-Portail = French Consortium
- 80+ member institutions
- Our mission? To develop/support/promote open source solutions for Higher Ed
- Strong partnership with Apereo, collaborating on projects like uPortal, CAS, OAE, Karuta, ...
MFA Providers with Apereo CAS
MFA Providers with Apereo CAS
MFA in a nutshell:
ESUP-OTPto the rescue!
Goal and purpose
ESUP OTP
Technical design
- Express
CASsified web application
User preferences
User help/assistance
Administration UI
REST API
Code generation methods
Code transports
CAS module
ESUP OTP
Technical design
Mobile Application ESUP AUTH
NOW AVAILABLE on Google Play Store
COMING SOON on the App Store (currently under review)
ESUP OTP
[IRL] The different MFA options
SMS/Mail
TOTP w/ Google Auth
Random code list
Mobile push
NFC swipe
ESUP OTP CAS
[IRL] What it looks like with CAS 6.3.3
Waiting for push (or NFC) notification...
... or input code from Google-Auth, SMS, mail
ESUP OTP MANAGER
[IRL] Notifications: Device enrollment
ESUP-OTP push enrollment with QR-Code
ESUP OTP MANAGER
[IRL] Random code list
ESUP-OTP backup codes
ESUP OTP MANAGER
[IRL] "Someone please call 911"
ESUP-OTP Manager Interface
ESUP OTP MANAGER
[IRL] On the admin side
ESUP-OTP Admin Interface
ESUP-OTP is on Github! Go take a look at: