Using OATH Tokens

Owned by Phillip Hanegan
Last updated: Jan 19, 2020 by Patrick Parker
3 min read

If your organization has enabled OATH Tokens for multi-factor authentication, when logging in you will have the opportunity to authenticate using a token generated by a client application such as Google Authenticator or Duo Security. If multi-factor authentication is optional for your account, you do not need to use this method. However, if multi-factor authentication using this method is required, you must have install Google Authenticator or Duo Security on your mobile device and authenticate using the token generated by that application.

To use OATH Tokens

  1. Log in to your organization's Web portal as you would normally do so.

  2. If multi-factor authentication is optional (or required and you have multiple options available to you) and you want to enable OATH Tokens as a second factor for your account, select OATH Token and click Submit.



    If OATH Tokens are required for your account, you will not see a screen asking you to select a multi-factor option. Instead, you will see the below screen.

    You should see a screen stating that you need to verify your identity by entering the code generated by Google Authenticator.




  3. To get your token, click Email Token and Instruction.




  4. Click Ok to close the software token was issued successfully message and then check your email for further instructions.




  5. Follow the instruction for installing Google Authenticator on your phone and then click the appropriate link to provision your token.




  6. If you read the email from the your computer, clicking the from your PC link generates QR code in the browser. Scan the code with a barcode reader from your mobile phone.




  7. Next, retrieve the token from Google Authenticator (or Duo if you are using that application), enter it in the Verification field and then click Verify.




    If you entered the code correctly, and another level of multi-factor authentication is not required on your account, you should be authenticated. The next time you log in to the portal, follow the instructions on the screen.

    If you enter the wrong code, you will see a message stating "The passcode entered is incorrect. Please try again." To do so, select your delivery method and request a new code. Once you correctly enter the new code, you will be authenticated. Depending on how your administrator has set things up, if you enter the wrong code repeatedly, you will see a message asking you to restart the login process. To do so, click the Back link.

    image2020-1-19_18-5-15.png

    If you are asked for another factor, select the desired authentication method and follow the steps shown on the screen.