website/docs: add authenticator_sms stage docs

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer 2021-10-14 11:33:46 +02:00
parent 6ee7d5bf9c
commit 07d619d257
3 changed files with 40 additions and 1 deletions

View File

@ -0,0 +1,37 @@
---
title: SMS authenticator setup stage
---
This stage configures an SMS-based authenticator using either Twilio, or a generic HTTP endpoint.
## Twilio
Navigate to https://console.twilio.com/, and log in to your existing account, or create a new one.
In the sidebar, navigate to *Explore Products*, then *Messaging*, and *Services* below that.
Click on *Create Messaging Service* to create a new set of API credentials.
Give the service a Name, and select *Verify users* as a use-case.
In the next step, add an address from your Sender Pool. Instructions on how to create numbers are not covered here, please check the Twilio documentation [here](https://www.twilio.com/docs).
The other two steps can be skipped using the *Skip setup* button.
Afterwards, copy the value of **Messaging Service SID**. This is the value for the *Twilio Account SID* field in authentik.
Navigate back to the root of your Twilio console, and copy the Auth token. This is the value for the *Twilio Auth Token* field in authentik.
## Generic
For the generic provider, a POST request will be sent to the URL you have specified in the *External API URL* field. The request payload looks like this
```json
{
"From": "<value of the *From number* field>",
"To": "<the phone number of the user's device>",
"Body": "<the token that the user needs to authenticate>,
}
```
Authentication can either be done as HTTP Basic, or via a Bearer Token. Any response with status 400 or above is counted as failed, and will prevent the user from proceeding.

View File

@ -5,8 +5,9 @@ title: Authenticator Validation Stage
This stage validates an already configured Authenticator Device. This device has to be configured using any of the other authenticator stages: This stage validates an already configured Authenticator Device. This device has to be configured using any of the other authenticator stages:
- [Duo authenticator stage](../authenticator_duo/index.md) - [Duo authenticator stage](../authenticator_duo/index.md)
- [TOTP authenticator stage](../authenticator_totp/index.md) - [SMS authenticator stage](../authenticator_sms/index.md).
- [Static authenticator stage](../authenticator_static/index.md). - [Static authenticator stage](../authenticator_static/index.md).
- [TOTP authenticator stage](../authenticator_totp/index.md)
- [WebAuth authenticator stage](../authenticator_webauthn/index.md). - [WebAuth authenticator stage](../authenticator_webauthn/index.md).
You can select which type of device classes are allowed. You can select which type of device classes are allowed.

View File

@ -115,6 +115,7 @@ module.exports = {
label: "Stages", label: "Stages",
items: [ items: [
"flow/stages/authenticator_duo/index", "flow/stages/authenticator_duo/index",
"flow/stages/authenticator_sms/index",
"flow/stages/authenticator_static/index", "flow/stages/authenticator_static/index",
"flow/stages/authenticator_totp/index", "flow/stages/authenticator_totp/index",
"flow/stages/authenticator_validate/index", "flow/stages/authenticator_validate/index",