View Source

We offer a new security feature in Cangooroo, so that it is possible to require the user to login in two steps with Google Authenticator.

With 2-step verification, also known as two-factor authentication, you add an extra layer of security to your Cangooroo. After configuring this feature, registered users will log in in two steps using:

something the user knows (the password itself);
something that the user has, like the smartphone or a security key.

The functionality can be configured for operator, base and agency users. It is worth mentioning that this type of security feature cannot be used in API users. The configuration is optional and must be done by the Operator, obeying the following rules:

Operator	Agency	Behavior
Active	Active	Active
Inactive	Active	Inactive
Inactive	Inactive	Inactive
Active	Inactive	Inactive

Active Behavior: ask for the GA app code
Idle Behavior: don't ask for the GA app code

In other words, for the resource to work, the configuration must be done both at the Operator's Cangooroo and at the agency's.

After hiring the functionality from our Commercial sector, to make it active, at the Operator's Cangooroo, access the "Registration" menu and, in the "Operator" field, click "Setting". At the bottom of the page, enable the “Enable Google Authenticator” feature:

Client Knowledge Base - Cangooroo > Enable 2-step verification on your Cangooroo > Configuração-inglês.png

To set up at the agency, access the “Registration” menu and, in the “Client” field, click on “B2B (Agencies)”.

Client Knowledge Base - Cangooroo > Enable 2-step verification on your Cangooroo > Agência-Inglês.png

Select the agency you want to deploy 2-step verification on and click the edit icon :

Client Knowledge Base - Cangooroo > Enable 2-step verification on your Cangooroo > Agência-Edição-inglês.png

At the end of the agency's registration page, leave the “Enable Google Authenticator” field active:

Client Knowledge Base - Cangooroo > Enable 2-step verification on your Cangooroo > Agência-Habilitar-inglês.png

When Behavior is "Active" the system will require the user to enter the code generated with Google Authenticator at the time of login to Cangooroo. Likewise, when the user wants to change the registration data for himself or for the agency, he must inform the GA code.

For cases where the behavior is active and the user does not have a GA token, we will follow the following flow:

Upon login, the system will inform you that a link has been sent to the user's email.
In the link sent to the email, the user should see a field to enter their password and click on "Step 2".
Then, the QR Code will be displayed for reading in the mobile application. Just enter the generated code to end the user's association with GA.

It is important to make it clear that the link sent by email remains valid for a maximum of 30 minutes.

Are you interested in activating the 2-step verification module on your Cangooroo? Contact our Commercial department by e-mail [email protected].