First Time Access

Remaining Setup

Figure 1: Private Email Address Confirmation (Click image to enlarge).


The Identity Provider will then present you a window explaining that an email has been sent to your 'private email box'. This email contains a link (yes, indeed it is a clickable link, which is necessary as the security key provided is too complicated to type it in. But you should make sure that the link is pointing to our idp.strw.leidenuniv.nl identify server. Only after this verification you should click the link).


Now look at your private mail inbox and find there the mail with
Subject: LION Identity Management verification email
From: LION Identity Provider idp@physics.leidenuniv.nl
And body text, similar like this:

Someone is trying to setup two factor authentication on the LION Intranet system. If this was you, 
it is save to copy/paste the link below to verify your email address, but please do verify it is going to the 
Observatory Identity server: idp.strw.leidenuniv.nl.
  
The link for email address verification is: https://idp.physics.leidenuniv.nl/auth/realms/STRW/login-actions/
action-token?key=eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldU...
BqPjnSig&client_id=local.strw.leidenuniv.nl&tab_id=KADCiBDmsaY

This link will expire within 5 minutes.

If you didn't initiate two-factor authentication, just ignore this message.

where the text Link to e-mail address verification contains the link to verify and confirm your 2FA setup. For your information the link starts like: https://idp.physics.leidenuniv.nl/auth/realms/STRW/login-actions/action-token?key=eyJhbGciOiJIUzI1NiIsInR5cCIgOiA... and the key is a long series of characters.

Pasting the link in a WEB browser asks again for your credentials. Submit this form and you are now fully setup for Two Factor Authentication.

A private email address is necessary to allow you to reset 2FA if necessary.

Back to 2FA main page