Hardware MFA on self-hosted instance #709
-
Can't get MFA to work on a self-hosted instance. I templated your "basic" docker-compose file and put it behind my own reverse proxy. However, upon trying to set up a "hardware key" MFA method, I'm met with the following generic error message: Do you not support hardware MFA on self-hosted instances, or are there some environment variables I have to set, like a Yubico client ID and secret for YubiKeys? Couldn't find anything about this in your documentation or in other issues here. Is there some place where I can find all the environment variables that I missed? |
Beta Was this translation helpful? Give feedback.
Replies: 2 comments
-
Maybe, you can try setting PL_AUTH_TYPES on your server.
padloc/docs/examples/config/example.env Line 218 in 30ebb78 |
Beta Was this translation helpful? Give feedback.
-
@nmk-freelance Is on the right track. You'll need to set the following env variables: PL_AUTH_TYPES=email,totp,webauthn_platform,webauthn_portable
PL_AUTH_WEBAUTHN_RP_NAME=your.domain.com
PL_AUTH_WEBAUTHN_RP_ID=your.domain.com
PL_AUTH_WEBAUTHN_ORIGIN=https://your.domain.com More details about the "Relying Party" info here: https://simplewebauthn.dev/docs/packages/server#identifying-your-rp |
Beta Was this translation helpful? Give feedback.
@nmk-freelance Is on the right track. You'll need to set the following env variables:
More details about the "Relying Party" info here: https://simplewebauthn.dev/docs/packages/server#identifying-your-rp