Deploying the Cloud MFA Authentication App

Updated 2 weeks ago by admin

This document is intended for end-users of the Cloud MFA service and describes how to deploy the Entrust ST Authentication App for generating soft tokens.

  1. Download the dedicated Entrust ST Authentication App for secure end-to-end delivery of OTP's (One Time Passcode's). The app is available for iOS and Android smartphones.
Note that the Cloud MFA service can also be used with third party applications such as Google Authenticator and Authy
After installing the app ensure that you enable PIN protection

Activating your Soft Token

Your Cloud MFA administrator will enable your account for soft token use. You will receive an email containing a QR code, for example:

A token activation is only valid for 5 minutes

Android Activation

Open the Entrust ST app, tap the top left hamburger menu and select Scan QR code and then tap the + icon to scan the QR code.

You will be prompted to enter the password to unlock the QR code. The password is provided as part of the activation email. Optionally, change the token name if required.

iOS Activation

Tap the QR code icon in the bottom right to register the token.

You will be prompted to enter the password to unlock the QR code. The password is provided as part of the activation email. Optionally, change the token name if required

Using Push Authentication with the App

If the Cloud MFA administrator has configured your account to use push authentication, then the app will notify you pending authentication requests. Tap a notification to open the Entrust ST app.

If you have enabled PIN protection (recommended) then you will be prompted enter your PIN code.

Once the app has opened, you will be presented with options to accept or deny the push authentication.

  • Confirm - confirm the authentication request. This action will be logged.
  • Cancel - discard the authentication request. This action will not be logged.
  • Concern - if the authentication request is not expected or you believe it is suspicious, this will den the request. This action will be logged.

Using the app for Soft Token generation

If the Cloud MFA administrator has configured your account to use Soft Token authentication, a soft token/OTP will be automatically generated every 30 seconds when the app is opened. You can use this token to authenticate when prompted.


How did we do?