Use this procedure to enable two factor authentication (2FA) for VSA users logging into the VSA.
Note: When creating users in the VSA, Two Factor Authentication and Password Server, ensure that each user is defined using matching usernames and email addresses. Single Sign On runs as a part of Two Factor Authentication and does not maintain a separate list of users.
Select the AuthAnvil > Two Factor Auth > Configure Kaseya Logon option. After running AuthAnvil setup wizard, you should see the following settings already populated.
AuthAnvil SAS URL - The 2FA server you are integrating with the VSA.
Whitelist Users - As a safeguard, one or more "senior admins", delimited by commas. These users are NOT required to use AuthAnvil Two Factor Authentication to logon. Users will continue to be subject to Native Two Factor requirement(s), when applicable. Delimit VSA usernames with commas.
Whitelisted IPS - Defaults to blank. Optionally includes a range of user IP addresses that are allowed to log into the VSA.
Whitelisted User Configuration - Defaults to ‘Required AuthAnvil Two Factor Authentication for All users except those in the whitelist’.
Uncheck the Kaseya Logon Configuration checkbox. This means all VSA users must logon using 2FA except your whitelisted "senior admins".
Test logging into the VSA. You can view a log of 2FA Kaseya logons on the View Logons to Kaseya page.
