- What's New
- Service Overview
- Getting Started
- User Guide
-
API Reference
- Before You Start
- API Overview
- Calling APIs
-
API
- Instance Management
- Access Control Attribute Management
-
Permission Set Management
- Adding a System-defined Identity Policy
- Deleting a Permission Set
- Querying Permission Set Details
- Updating a Permission Set
- Deleting a System-defined Identity Policy
- Querying Details About a Custom Identity Policy
- Adding a Custom Identity Policy
- Deleting a Custom Identity Policy
- Listing Accounts Associated with a Permission Set
- Listing System-defined Identity Policies
- Listing Pre-provisioning Statuses of Permission Sets
- Listing Permission Sets
- Creating a Permission Set
- Listing Permission Sets Provisioned to an Account
- Pre-provisioning a Permission Set
- Querying Pre-attachment Status Details of a Permission Set
- Adding a System-defined Policy
- Deleting a System-defined Policy
- Listing System-defined Policies
-
Account Assignment Management
- Removing Account Assignments
- Querying Details about the Account Assignment Creation Status
- Listing Account Assignment Creation Statuses
- Listing Account Assignment Deletion Statuses
- Listing Users or Groups Associated with an Account and a Permission Set
- Creating Account Assignments
- Querying Details about the Account Assignment Deletion Status
- Tag Management
- User Management
- Group Management
- Group Membership Management
- SCIM User Management
- SCIM Group Management
- Service Provider (SP) Management
- Client Management
- Token Management
- Device Authorization Management
- Authorization Management
- Account Management
- Agency Management
- Credentials Management
- Appendixes
- Change History
- General Reference
Show all
Copied.
Binding an MFA Device
You must have physical access to the user's MFA device so that you can add it. For example, you might configure MFA for a user who will use an MFA device running on a smartphone. In this case, you must have the smartphone available in order to finish the wizard. For this reason, you might want to let users configure and manage their own MFA devices. For details, see Allowing Users to Bind Their Own MFA Devices.
Binding an MFA Device
- Log in to the Huawei Cloud console.
- Click
in the upper left corner of the page and choose Management & Governance > IAM Identity Center.
- In the navigation pane, choose Users.
- In the user list, click a username to go to the user details page.
Figure 1 Selecting a user
- On the MFA Devices tab, and click Bind MFA Device.
Figure 2 Binding an MFA device
- On the displayed page, select one of the following MFA device types and perform operations as instructed:
- Authenticator App
On the Bind Virtual MFA Device page, the configuration information, including the QR code, of the new MFA device is displayed. Follow the prompts to bind a virtual MFA device.
- Install a compatible virtual MFA device (authenticator app) on your mobile phone.
- Bind the virtual MFA device by scanning the QR code or manually entering the secret key.
- Scan the QR code
Open the virtual MFA device and scan the QR code displayed on the Bind Virtual MFA Device page. Then the user is added to the virtual MFA device.
- Manually entering the secret key
Open the MFA application on your mobile phone, and enter the secret key.
NOTE:
The user can be manually added only using time-based one-time passwords (TOTP). You are advised to enable automatic time setting on your mobile phone.
- Scan the QR code
- View the dynamic code of the virtual MFA device on the MFA application. The code is automatically updated every 30 seconds.
- In the Bind Virtual MFA Device dialog box, enter the dynamic code.
- Click OK.
- Security key
In the Add Security Key dialog box, follow the instructions displayed on the browser or platform.
NOTE:
- The experience may vary in different operating systems and browsers, so follow the instructions displayed by your browser or platform.
- If you select both the authenticator App and security key, users logging in to the user portal will be authenticated using the security key first and then the authenticator App later.
- Authenticator App
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot