RobertRo Posted May 4 Posted May 4 (edited) Hello, i am in the process of writing PasswordState support for mRemote (https://github.com/mRemoteNG/mRemoteNG/pull/2591) Authentication to the PasswordState API via APIKey and Winauth works fine. Turning on MFA requirement works fine as well - but only once. As the MFA code rotates every few minutes, the user would have to constantly update the new MFA code before doing subsequent API calls. This is inconvenient / not usable. a "simple" solution would be to add an additional authentication option: let's call it "token". - the user does one initial API call to an "authentication" endpoint, providing API token and MFA or WinAuth and MFA as usual. - the server responds with an auth token, valid for 4 hours (customizable) - the user can now do subsequent API calls with the auth token. could this functionality be added to the API? (or is it already there and i am not seeing it?) thanks Robert Edited May 4 by RobertRo link to github code commit Goossens 1
Goossens Posted May 22 Posted May 22 +1 We are using a similar tool from Devolutions that already integrates with the Passwordstate API but without the MFA. We have asked them to add support for MFA, but the way PasswordState handles MFA in the API is a showstopper wrt usability.
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now