diff --git a/website/docs/flow/stages/authenticator_sms/index.md b/website/docs/flow/stages/authenticator_sms/index.md new file mode 100644 index 000000000..6568a8170 --- /dev/null +++ b/website/docs/flow/stages/authenticator_sms/index.md @@ -0,0 +1,37 @@ +--- +title: SMS authenticator setup stage +--- + +This stage configures an SMS-based authenticator using either Twilio, or a generic HTTP endpoint. + +## Twilio + +Navigate to https://console.twilio.com/, and log in to your existing account, or create a new one. + +In the sidebar, navigate to *Explore Products*, then *Messaging*, and *Services* below that. + +Click on *Create Messaging Service* to create a new set of API credentials. + +Give the service a Name, and select *Verify users* as a use-case. + +In the next step, add an address from your Sender Pool. Instructions on how to create numbers are not covered here, please check the Twilio documentation [here](https://www.twilio.com/docs). + +The other two steps can be skipped using the *Skip setup* button. + +Afterwards, copy the value of **Messaging Service SID**. This is the value for the *Twilio Account SID* field in authentik. + +Navigate back to the root of your Twilio console, and copy the Auth token. This is the value for the *Twilio Auth Token* field in authentik. + +## Generic + +For the generic provider, a POST request will be sent to the URL you have specified in the *External API URL* field. The request payload looks like this + +```json +{ + "From": "", + "To": "", + "Body": ", +} +``` + +Authentication can either be done as HTTP Basic, or via a Bearer Token. Any response with status 400 or above is counted as failed, and will prevent the user from proceeding. diff --git a/website/docs/flow/stages/authenticator_validate/index.md b/website/docs/flow/stages/authenticator_validate/index.md index d0313b9bd..034da1110 100644 --- a/website/docs/flow/stages/authenticator_validate/index.md +++ b/website/docs/flow/stages/authenticator_validate/index.md @@ -5,8 +5,9 @@ title: Authenticator Validation Stage This stage validates an already configured Authenticator Device. This device has to be configured using any of the other authenticator stages: - [Duo authenticator stage](../authenticator_duo/index.md) -- [TOTP authenticator stage](../authenticator_totp/index.md) +- [SMS authenticator stage](../authenticator_sms/index.md). - [Static authenticator stage](../authenticator_static/index.md). +- [TOTP authenticator stage](../authenticator_totp/index.md) - [WebAuth authenticator stage](../authenticator_webauthn/index.md). You can select which type of device classes are allowed. diff --git a/website/sidebars.js b/website/sidebars.js index 4eb046302..a3593b3d8 100644 --- a/website/sidebars.js +++ b/website/sidebars.js @@ -115,6 +115,7 @@ module.exports = { label: "Stages", items: [ "flow/stages/authenticator_duo/index", + "flow/stages/authenticator_sms/index", "flow/stages/authenticator_static/index", "flow/stages/authenticator_totp/index", "flow/stages/authenticator_validate/index",