[2FA/TFA] Two factor authentication for Service Center and LifeTime

Service Center
On our radar

Considering the fact that the cloud version does not support internal network for IP white listing, I think adding an extra layer of security to secure service center  with Two factor authentication should be a standard in the Outsystems platform.

Created on 3 Apr 2018
Comments (13)

Changed the category to Service Center

good idea, would like this implemented! 

Good idea! 2FA should be the bare minimum for admin tools that are exposed on the internet.

Merged this idea with 'Two factor authentication for Lifetime' (created on 2015-12-08 00:52:18 by Steve Jordan)
I'd really like to see Outsystems introduce a two factor authentication option to Lifetime. Security these days is a massive issue.

Merged from 'Two factor authentication for Lifetime' (idea created on 2015-12-08 00:52:18 by Steve Jordan), on 2018-04-11 17:19:33 by José Ramalho
Changed the status to
On our radar

Hi Robin,

Thank you so much for your idea. I’m marking this as “on our radar” since we think this is a good idea.

This isn’t currently on our short-term backlog but we’ll keep an eye here if this idea continues to grow and get comments from all of you.  


I agree with the others so far, 2FA or IP address whitelisting is a must for Service Center & Lifetime in the cloud. I would prefer 2FA as it's more flexible. My only option at the moment is to look at some kind of web application firewall to achieve this.

IP address restriction has been easy to achieve in our applications, it would be nice to protect the admin tools as well.

It's just occurred to me that this should also be extended to logins for Service Studio and Integration Studio as well.


Considering the fact that the cloud version does not support internal network for IP white listing

At the time of writing this idea Outsystems did not support restricting access to an Internal Network for their cloud solution. This feature is since early this quarter available.


Where is this feature available Robin?


Hi Chris,

The feature is indeed available for Enterprise users. You'll need to open a Support Case and request to set it.




We are looking for the same for on premise deployment. Any design patterns and customizations in service center and lifetime that the team can share with us? 


@outsystems Any updates on the roadmap regarding implementing MFA on the platform ?

Also for Azure Deployment, two factor for ServiceCenter, LifeCenter and Development tools to secure Admin/developer access to platform it's a must in today's security requirements, like ISO27001.