https://man.liquidfiles.com
LiquidFiles Documentation

In this article, we're going to enable Strong Two-Factor Authentication using SMS.

In order to send SMS from LiquidFiles, we need to use a SMS gateway and in this article we're going to use www.Clickatell.com.

Video Overview

Configuring Clickatell

As a first step, sign up for an account with Clickatell and confirm the account. Once you've confirmed the account and logged in for the first time, please click on "Get started" creating a SMS integration.

images/authentication/sms/clickatell_1.png

At this next screen please follow the steps they have outlined:

  • Add 1-3 test phones.
  • Copy the API key, in this example: QlklpUTxTRuJlBvw77sLGw==
  • The integration is now in Sandbox mode and will be until you click "Activate now". If you just want to test the SMS integration, don't click "Activate Now" or you won't be able to send messages until you've added billing and topped up your account. You can stay in Sandbox mode only sending to your test phones for as long as you want to test the integration.
images/authentication/sms/clickatell_2.png

Moving to production with Clickatell

To move from Sandbox to Production mode, first enter your billing details and then click on the Active now button. When going through the Activation Process, the default settings are fine:

images/authentication/sms/clickatell_3.png

And feel free to give it a more friendly name if you want.

Enabling SMS Authentication in LiquidFiles

Please go to Admin → Configuration → Strong Auth SMS and enter the SMS Auth Configuration, with the Clicktell API key. In our example above, the line you want to copy is:

https://platform.clickatell.com/messages/http/send?apiKey=QlklpUTxTRuJlBvw77sLGw==&to={{phone_number}}&content=LiquidFiles Token: {{message}}
images/authentication/sms/configure_sms.png

A couple of notes on the different variables:

  • {{phone_number}} will be replaced by the users phone number. Clickatell assumes that a phone number with country code 1 and phone number 234-568-890 is entered as 1234567890 with no leading + and no spaces.
  • "LiquidFiles Token: {{message}}" — the {{message}} part is what will contain the randomized token. Without this authentication won't work, and feel free to change "LiquidFiles Token:" to something else if you want.

From this page you can send test messages to your test phones as needed.

Enabling SMS Authentication for users and groups

You can enable SMS based authentication either on a per user or per group basis.

For user, please go to Admin → Users, click add or edit the user you want to change and select either SMS OTP Require or SMS OTP Enable.

If you select Enable, users have a choice to increase the security on their account. If you select Require, they have to enabled SMS based One Time Passwords.

images/authentication/sms/user_config.png

For groups, please go to Admin → Groups, click add or edit on the group you want to change, you have the same options as for users.

images/authentication/sms/group_config.png

End User View — SMS Enable

If you configure "SMS Enable" on either a per group or per user basis, a user can choose to go can go to their Account Settings Page and it will look like this:

images/authentication/sms/user_enable.png

If they enter their phone number, a randomized token will be sent to their phone and they will then be required to enter a randomized token sent via SMS for each subsequent login.

End User View — SMS Require

If you configure "SMS Require" as a Strong Auth setting on either a per user or per group basis, the next time the user login, they will be required to sign-up with their phone number:

images/authentication/sms/user_require_1.png images/authentication/sms/user_require_2.png

And from then on, the user will be sent a randomized token each time they authenticate to LiquidFiles.

images/authentication/sms/user_verify_token.png