Idea ID: 2783951

Allow for customization of labels when using TOTP

Status: Duplicate

Typically, when you enroll a device using a TOTP authenticator app like Google's or Microsoft's, after you enroll, the account shows up with the name of the application or vendor and the login ID. But with Adv. Auth. both values just show up as "Netiq", which is meaningless. Those values need to be able to be customized.

Tags:

Parents
  • Following up on my comment, it is not as if achieving this is at all difficult. The labels of the TOTP authenticator in question arise from the QR code generated by the appliance. The QR code is simply this formatted URL: otpauth://totp/[account_name]?secret=[secret_key]&issuer=[Website_Title] On the AA appliance the account_name and website_title are both replaced with NetIQ. On the TOTP class on NAM for instance, the account_name is fixed as the user's email address, and the website_title, the IDP's hostname. We just need AA to do similar, or better, add a configurable policy that allows overriding which user attribute for the account_name and identifiable website_title. Seems such an easy an obvious win!
Comment
  • Following up on my comment, it is not as if achieving this is at all difficult. The labels of the TOTP authenticator in question arise from the QR code generated by the appliance. The QR code is simply this formatted URL: otpauth://totp/[account_name]?secret=[secret_key]&issuer=[Website_Title] On the AA appliance the account_name and website_title are both replaced with NetIQ. On the TOTP class on NAM for instance, the account_name is fixed as the user's email address, and the website_title, the IDP's hostname. We just need AA to do similar, or better, add a configurable policy that allows overriding which user attribute for the account_name and identifiable website_title. Seems such an easy an obvious win!
Children
No Data