Documentation

    {{docApp.userSession.userId}}
    {{docApp.userSession.userName}}
    {{docApp.userSession.email}}
    Issuer : {{docApp.userSession.issuerInstance}}
    Expires : {{new Date(docApp.userSession.validUntil).toLocaleDateString()}}

{{docApp.title}}

{{docApp.description}}

How can we help?

{{docApp.searchError}}
{{product.name}}

Searching in {{docApp.searchFilterBySpecificBookTitle}}

{{docApp.searchResultFilteredItems.length}} results for: {{docApp.currentResultsSearchText}} in {{docApp.searchFilterBySpecificBookTitle}}
Search results have been limited. There are a total of {{docApp.searchResponse.totalResultsAvailable}} matches.

You have an odd number of " characters in your search terms - each one needs closing with a matching " character!

{{docApp.libraryHomeViewProduct.title || docApp.libraryHomeViewProduct.id}}

{{docApp.libraryHomeViewProduct.description}}

  1. {{book.title}}

{{group.title || group.id}}

{{group.description}}

  1. {{book.title}}

{{group.title}}

{{book.title}}
More...

Two-factor authentication

Hornbill supports two-factor authentication (2FA) for both user and guest accounts.

2FA can either be enabled for all accounts, or on an account-by-account basis.

Hornbill provies 2FA either via an Emailed code or Authenticator App of users choice (For example Microsofts Authenticator or Google Authenticator)

Before you begin

  • Hornbill must have an email domain set up for outbound routing
  • Users must have a valid email address on their account
  • 2FA is only applicable to the web apps. It is not available on the native mobile apps.
  • When using SSO, Hornbill 2FA is not used. Instead, 2FA should be set up using your identity provider if the option is available.

How Two-Factor Authentication Works

With Two-factor Authentication (2fa) enabled, when a user (guest) logs in to Hornbill, they will be prompted to enter a 6-digit authentication code.

The user retrieves this code from an email sent to their account’s email address or via the Authenticator App, and uses it to complete the log in process.

2FA Code

Settings

2FA Timeouts are set in Advanced System Settings.

Tip

To access any of the settings described in this document, open Configuration and search by part or all of the setting name

Name Description Default
security.guest.2fa.timeout The number of seconds a 2FA challenge token remains valid (in seconds) 300
security.user.2fa.timeout The number of seconds a 2FA challenge token remains valid (in seconds) 300

2FA mode optional

When either the user or guest mode settings are set to optional the option to enable 2FA on an individual user account is available.

  • Disabled
    2FAis not enabled.
  • Email
    2FA is enabled. Authentication codes are sent to the users by email.
  • Authenticator App
    2FA is enabled. Authentication codes are available in the Authenticator App of user.

How to enable Email 2FA on a user account

  1. Using the Configuration search, type the name of the user to be changed to 2FA.
  2. In the list of results, select the user name.
  3. On the Details tab of the user account, locate the Security Settings section.
  4. Under Two-Factor Authentication select `Email’.
  5. Save Changes.

How to enable Email 2FA on a guest account

  1. Using the Configuration search, type Guest.
  2. In the list of results, click on Guest Accounts.
  3. In the list of guest accounts, select the account to be changed to 2FA.
  4. Click on the Two-Factor Authentication icon in the toolbar.
  5. Select Email.

How to enable 2FA on the Authenticator App

Unlike Email which can be configured without the user,the Authenticator app requires the user to scan a QR code in the Authenticator app of their choice so must be completed by the user.

  1. Login as the User
  2. Goto the Users Profile Settings Authentication tab
  3. Change Type to Authenticator App
  4. Follow the On Screen prompts to Scan the QR code in your chosen Authenticator App then Enter the One time code in the fields provided
  • Version {{docApp.book.version}}
  • Node {{docApp.node}} / {{docApp.build}}
In This Document