1. Home
  2. Archive
  3. Access Manager archive
  4. Administration Guide
  5. Access Manager Authentication
  6. Access Manager: SMS Authentication using Email-to-SMS Gateways

Access Manager: SMS Authentication using Email-to-SMS Gateways

Can't find what you're looking for?
Request Supporthere

system 24 February, 2022
This article is marked as obsolete.

OTP authentication by default sends one-time passcodes to an end user's email address this can be defined as a different address to the one identified through AD but OTP authentication can also forward one-time passcodes to an end users mobile phone. This article shows you how to use an email-to-SMS gateway to send OTP authentication passcodes as an SMS to an end users mobile phone.

Configure Email-to-SMS Gateway

1. Configure your email-to-SMS gateway. Below shows the configuration for the Echo for Email service provided by esendex.

 

A sender email address has to be added since Access Manager is the sender copy the 'Default Sender Address' from  Configuration->Network->Mail as shown below to the esendex allowed email senders address list. Each service provides a number of unique features including security options you should configure your service appropriately.

 

Configure Authentication Scheme

Now that the gateway is set-up its time to enable OTP authentication which will email the one-time password to the users mobile.

Navigate to Authentication->Setup and add the OTP module into the appropriate flow. In the image below I have added it to Password Reset for the Browser front-end.

 

End-User Configuration

The final configuration step is setting up the OTP email address. From the end-user account page (My Account) the end user needs to add their mobile phone number post-fixed with the email-to-SMS gateway domain name as the 'One-time password email address' (found towards the bottom of the My Account Page). The domain name and precise email format varies between vendors for esendex the format is <mobile number>@echoemail.net as shown below:

 

Receiving SMS OTP Authentication Code

With everything configured it is time to send out the one-time passcode during password reset authentication. On the the OTP authentication step the user is requested to enter in the unique one-time passcode as below:

 

This passcode however is now sent via the email-to-SMS gateway to the end users mobile phone as an SMS as shown below:

 

This passcode can then be entered into the OTP authentication step to authenticate the end user.