Skip to main content

Set up multi-factor authentication in Provider Portal

You can enable multi-factor authentication (MFA) in Provider Portal to add an extra layer of security when users log in.

D
Written by David Bayley-Hamilton
Updated over a week ago

Multi-factor authentication requires users to verify their identity using a code sent to their phone each time they log in to Provider Portal. MFA is powered by Twilio, an external authentication service. As an administrator, you need to create a Twilio account and configure the MFA settings in Abacus before Provider Portal users can use this feature.

โš ๏ธImportant: MFA is a chargeable service provided by Twilio. The contract for this service is between your organisation and Twilio. You can create a free trial account to test the functionality before committing.

Create a Twilio account

Before configuring MFA in Abacus, you need a Twilio account to process authentication transactions.

  1. Open a browser and go to https://www.twilio.com/try-twilio.

  2. Complete the registration form and click Start your free trial.

  3. Check your email and verify your email address.

  4. Enter your phone number and click Verify. A verification code is sent to your phone.

  5. Enter the code and click Submit.

  6. On the customisation screen, click Skip to dashboard.

  7. On the dashboard, click Get a Trial Number.

  8. Review the number offered and click Choose this Number.

  9. Return to the dashboard and note the following values โ€” you will need them for Abacus configuration:

  • Account SID

  • Auth Token

  • Trial Phone Number

๐Ÿค“Tip: You can set up verified phone numbers in Twilio for testing before enabling MFA for all users.

Configure MFA in Abacus

MFA is administered in the Abacus Administration module, not in Provider Portal directly.

โš ๏ธImportant: You need the relevant administration permissions to access the MFA settings.

  1. Log in to the Administration module.

  2. Navigate to Administration > Security > Account Policy and scroll to the bottom of the page.
    - Alternatively, navigate to Administration > System Settings > System Settings, then open the Security > Account Policy folders.

  3. Tick the Enable Multi-factor authentication checkbox.

  4. Enter the SMS Account ID from your Twilio dashboard.

  5. Enter the SMS Authentication Token from your Twilio dashboard.

  6. Enter the SMS Phone Number (your Twilio trial or purchased number).

  7. Click Save.

Log in to Provider Portal with MFA

First login โ€” register your phone number

The first time a user logs in after MFA is enabled, they are asked to register a phone number.

  1. Open the Provider Portal login screen.

  2. Enter your Email and Password, then click Login.

  3. On the Update Phone Number screen, enter your mobile number in international format (for example, +447546XXXXXX โ€” use the country code and drop the leading zero).

  4. Click Send Verification Code.

  5. A six-digit code is sent to your phone. Enter the code and click Verify Code.

  6. You are returned to the login screen.

โš ๏ธImportant: Enter your phone number in the correct format. Use the country code and drop the leading zero, for example +44 for the UK.

Subsequent logins

After your phone number is verified, future logins follow a simpler process.

  1. Enter your Email and Password, then click Login.

  2. A six-digit code is sent to your registered phone number.

  3. Enter the code and click Verify Code.

  4. You are logged in to Provider Portal.

๐Ÿค“Tip: If you cannot receive the SMS, click Send code to email to receive the code by email instead. Your email server must be configured to support this option.

Change your registered phone number

If you need to change the phone number linked to your account:

  1. Log in to Provider Portal.

  2. Navigate to Administration > My Details.

  3. Update your phone number in the Multi-factor Authentication section.

  4. Click Update. A new verification code is sent to the new number.

  5. Enter the code to verify the change.

Disable multi-factor authentication

If you no longer want to use MFA, you can switch it off.

  1. Log in to the Administration module.

  2. Navigate to Administration > Security > Account Policy (or System Settings > System Settings > Security > Account Policy).

  3. Untick the Enable Multi-factor authentication checkbox.

  4. Click Save.

The login process reverts to the standard email and password procedure.

Troubleshooting

Proxy issues

If your network uses a proxy server, MFA may have difficulty connecting to the Twilio service. A proxy bypass option is available in the Provider Portal web configuration file.
โ€‹
To configure:

  1. Open the Provider Portal web configuration file.

  2. Uncomment the defaultProxy container.

  3. Enter your organisation's proxy address in the proxyaddress field.

  4. Save the file.

๐Ÿ“ŒNote: Contact your network administrator to obtain the correct proxy address for your organisation.

Related Articles
Log in to Provider Portal with multi-factor authentication
Configure Provider Portal payment settings
Did this answer your question?