home

MinistryPlatform

RealmRealm AccountingMinistryPlatformeGivingPDSACSConnectShepherdGrowth MethodHeadMasterRefresh WebsitesTrust CenterGo MethodMissionInsite
RealmRealm AccountingMinistryPlatformeGivingPDSACSConnectShepherdGrowth MethodHeadMasterRefresh WebsitesTrust CenterGo MethodMissionInsite

What would you like to know more about?

Show Contents

Show Page Sections

thumbnailMinistryPlatform

System Administration

Authenticate Via Code

Got passwords? Us too! To help track, remember, and correctly enter all those passwords, we have the solution: authentication via code. Authenticating via code is a secure and alternative method to log in "on demand" without the need to remember or reset your passwords.

  • Authenticating via code is an all-or-nothing proposition. It's either on for everyone or off for everyone.
  • Users cannot authenticate via code if they use a shared email address or shared phone number.
  • If you've enabled multi-factor authentication (MFA), the user receives a second code when it's multi-factor time.
  • If a code is expired or entered incorrectly, the User may try again and can request a new code.

User Walkthrough

If you enable authentication via code, your Users experience a familiar multi-factor authentication flow:

  • On the login screen, they can receive send a code rather than entering their username and password.
  • During this process, they can select Keep me logged in on this device.
  • When they click Get One-time Code, the system asks them whether they'd like to receive their code by email or text message.
    Note: If SMS isn't configured for your Domain, the text option doesn't display.
  • Within fifteen seconds of the request, the user receives a six-digit code to their selected method.
    Note: The Platform sends messages and logs them in the Message Log.
  • On the login screen, they'll enter their code in the corresponding text box. A ten-minute countdown clock displays to indicate when their code will expire.

Configuration

MinistryPlatform uses Google reCAPTCHA to protect this process from bots and automated attacks.

Like all things related to login, you must configure your Domain record for authentication via code. There, you must add a reCAPTCHA Site Key and reCAPTCHA Key Secret.

Generate reCAPTCHA Site Key & Secret

Create a "Classic reCAPTCHA key", not "Enterprise". If you see a message about Enterprise at the top of your screen, click Switch to create a classic key. Your options should look like this:

Google reCAPTCHA webpage showing options to set up a classic key

  1. In your browser, go to https://www.google.com/recaptcha/admin/.
  2. Log in using your Google credentials.
    Note: The authenticated Google account is automatically listed as an owner, so choose wisely.
  3. Provide the required information.
    • Label: Enter a label that identifies your site.
    • reCAPTCHA type: Select reCAPTCHA v3 to verify requests with a score.
    • Domains: Add at least one Domain. This must match your base domain. For example, in "https://example-church.com/mp", the domain is "example-church.com".
  4. Review and accept the reCAPTCHA Terms of Service.
  5. Select whether owners should receive alerts about problems with your site.
  6. Click Submit.

After saving, the reCAPTCHA Site Key and reCAPTCHA Key Secret generates so you can copy and paste them into your Domain record.

Configure Authenticate via Code in the Platform

  1. Go to System Setup > Domains Account.
  2. Click Edit Record.
  3. Set Auth Code Enabled to Yes.
  4. Copy and paste the reCAPTCHA Site Key into the reCAPTCHA Site Key field.
  5. Copy and paste the reCAPTCHA Key Secret into the reCAPTCHA Key Secret field.
  6. To send the code through text, confirm that you configured the SMS fields.
  7. Click Save.
portal
MinistryPlatform

Last updated: October 29, 2024