Business Solution icon

Multi Factor Authentication for Outsystems Back office

Contact Partner
First release on 
1 Apr 2019
Latest release on 
1 Jul 2020
Contact Partner
Securing your Outsystems environment for IT users that need to login and use Service Studio, Integration Studio, Service Center and LifeTime, authenticating against Azure using a rotating PIN that expires.
Release notes ()
Key benefits
Read more

Adds additional security:

  • The solution adds additional security to the Outsystems Platform so that the platform complies with the company’s standards, the same as with end-user applications. 

  • If a developers AD account gets disabled they will automatically lose access to Service Studio, Integration Studio, Service Center and LifeTime. 

  • OTP sessions expire after a set amount of time, making sessions more secure. 

  • OTP can be sent via UI, email or SMS. 

Problems Addressed / Key Features
Read more
  • Internal company policy dictates that all internet-facing applications must use the company’s authentication provider such as Azure Active Directory (AAD) with Multi-Factor Authentication (MFA) 

  • OutSystems applications can support this relatively easily with available forge components. However, when it comes to the OutSystems platform itself, it is not so straight forward. There are authenticator plug-ins on the forge that can facilitate AAD+MFA for LifeTime and Service Centre, but not for Service- and Integration Studio -which are desktop applications with a single authentication cycle. 

  • The problem we solved was how to enable all the OutSystems Platform components to work with AAD+MFA using standard API’s. 

  • The JustSolve team has designed a solution which satisfies this requirement by using a bespoke third-party application as a middleman to connect a custom OutSystems authentication plug-in to AAD indirectly via a generated One Time Password (OTP). 

  • The solution itself is divided into two parts, namely the OutSystems Authenticator Plug-in and the JS Authenticator Web Application. 

  • The plug-in will be deployed to each client’s platform and configured with their own information. 

  • The web application will be hosted by JustSolve and will deliver the primary service of dealing with AAD+MFA integration and servicing login requests from client platforms. 

Technical details
Read more

Web Application Only

Desktop Browser Requirements:

  • Coming soon.
Computer & Technology
Other use cases
More from JustSolve (Pty) Ltd