Secure your Headless/Decoupled Drupal with a robust Two Factor Authentication (2FA) using our Drupal Two Factor Authentication - 2FA / Passwordless Login. This guide will help you to configure Two-Factor Authentication (2FA / MFA) for your Headless Drupal site.
Drupal 2FA module will add a second layer of authentication to your Drupal account to increase the security of your site from unwanted hacks and unauthorized login attempts. This module is compatible with all Drupal 7, 8 and Drupal 9 sites.
If you have any queries or if you need any sort of assistance in configuring the module, you can contact us at drupalsupport@xecurify.com. If you want, we can also schedule an online meeting to help you configure the Two Factor Authentication - 2FA / Passwordless Login module.
Know more about Drupal Two Factor Authentication - 2FA / Passwordless Login module from here.
You can download the Drupal Two Factor Authentication - 2FA / Passwordless Login module from here.
composer require drupal/miniorange_2fa
composer require 'drupal/miniorange_2fa'
{BaseURL}/update.php
{BaseURL}/admin/config/people/miniorange_2fa/customer_setup
drush dl miniorange_2fa
drush en miniorange_2fa
drush cr
{BaseURL}/admin/config/people/miniorange_2fa/customer_setup
{BaseURL}/admin/config/people/miniorange_2fa/customer_setup
API: POST {drupal-base-URL}/headless/authenticate.
What you will send:
{"username":"xxxxx","password":"xxxxx","apiKey":"xxxxx"}
If successful, you will receive back the following response:
{"username":"xxxxx","status":"SUCCESS","message":"xxxxx","transactionID":"xxxxx","authType":"xxxxx"}
PARAMETER | TYPE | REQUIRED? | DESCRIPTION |
---|---|---|---|
username | string | required | Entered by the user on the login form. |
password | string | required | Entered by the user on the login form. |
apiKey | string | required | Send the apiKey provided in the module. |
API: POST {drupal-base-URL}/headless/login
What you will send:
{"username":"xxxxx","transactionID":"xxxxx","authType":"xxxxx","otp":"xxxxx","apiKey":"xxxxx"}
If successful, you will receive back the following response:
{"username":"xxxxx","status":"SUCCESS","message":"xxxxx","userprofile":"xxxxx"}
PARAMETER | TYPE | REQUIRED? | DESCRIPTION |
---|---|---|---|
username | string | required | You will get this in response to the first API call. |
transactionID | string | required | You will get this in response to the first API call. |
authType | string | required | You will get this in response to the first API call. |
otp | string | required | You will get this in response to the first API call. |
apiKey | string | required | Send the apiKey provided in the module. |
ERROR CODE | DESCRIPTION |
---|---|
400 Authentication Failed | API Authentication Failed |
404 Not Found | Headless 2FA setting is not enabled. Please enable the same under the Headless 2FA Setup tab of the module. |
401 Unauthorized | User has entered invalid credentials (username/password) |
403 Forbidden | User has entered the incorrect OTP (One time passcode) |
500 Internal Server Error | You will get 500 Internal Server Error due to various reasons, please check Drupal logs for more details. |
If you face any issues or if you have any questions, please feel free to reach out to us at drupalsupport@xecurify.com. In case you want some additional features to be included in the module, please get in touch with us, and we can get that custom-made for you. Also, If you want, we can also schedule an online meeting to help you configure the Drupal Two Factor Authentication - 2FA / Passwordless Login module.
Need Help? We are right here!
Thanks for your inquiry.
If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com