FileCloud Best Practices: How to Use Two-Factor Authentication with External Accounts – Automatically

This is the next blog post in our FileCloud Best Practices series. We previously covered how to use external accounts for private, secure sharing. We have also reviewed how to automate the maintenance of external accounts.

Depending on your FileCloud license, your system can enable multi-factor authentication (MFA) with External Accounts. To do this automatically, each new account created needs to be added to a particular External Account policy group.

We will go through all the steps needed to configure this.

Create an External User Policy Group

The first thing we need to do is create a new User Policy group that will be used to configure MFA for all External Users.

Go to: Admin UI > Settings > Policies > New Policy

We will name this group “External Users” for this example, but you can use any other name.

Once created, edit the policy group and change the MFA settings to your preference (for example, Email).

Create a Workflow to Add New External User Accounts to the “External Users” Policy Group

Now we will create the workflow to move every new External User Account to the Policy user group we recently completed.

Go to: Admin UI > Workflows > New Workflow and select “Add Workflow.” We will create a new workflow with the condition being “If a new user is created.”

Required parameters:

{
"user_access_level": "USER_ACCOUNT_LIMITED_ACCESS"
}

In the dropdown for the “THEN” Action, select “Set user policy”

Required Parameters:

{
"policy_name": "External Users,"
}

Finally, name the new workflow. This can be whatever helps you remember the purpose of the workflow.

Now the system is configured to automatically add new external users to the External Users Policy, which applies two-factor authentication.

See It In Action

Log in to the user UI, create a new share, and add a new user account.

Note: If you want to learn how to enable the feature to automatically create new accounts when creating a new share, please visit our previous blog post, FileCloud Best Practices: How to Use Private Shares and External User Accounts.

Once completed, you can log in to your admin portal and check the new user account. Go to Settings > Policies and view the policy users section; you will see the recently created account added to the policy group:

You can also verify if your workflow is working by reviewing the audit records and filter using the Workflow name:

This completes our three-part series on sharing files privately with External Users.

Note: MFA for External Users is part of the Advanced License; if you don’t have this feature and are interested in trying it or seeing pricing, please reach out to your CSM representative or contact us.

 

Article written by Daniel Alarcon, Technical Support Manager

Edited by Katie Gerhardt, Junior Product Marketing Manager