MFA and SSO Configuration
Multi Factor Authentication - MFA
We use Keycloak as identity and access management solution for web UIs and specific APIs, which by default requires email verification and multi-factor authentication using authentication applications like Google Authenticator, Microsoft Authenticator, or Password Managers like 1Password.
Identity Providers - IDP
Keycloak supports Single Sing-On (SSO) using OpeID Connect (OIDC), SAML 2.0 and Kerberos protocols to allow connections with external identity providers like Microsoft Entra ID, Google Identity Platform (GIP) and many others, Also personal social network connections like Google, Github or Facebook are supported. In these cases the MFA is delegated to the identity provider used for the login.
Supported Protocols and Social Connections
Here a list of configurable protocols and social connections:

We also provide a secure proxy to support SSO and MFA with UIs like Kibana witch not provide SSO connections.
SSO with Identity providers
To be able to configure your organization identity provider you will need administrative access permissions.
We will provide you with …
Callback/Redirect URL
Login URL
After configuring your IDP, you will share with us in a secure way …
Client ID
Client Secret
OIDC Discovery URL