Skip to content
← Product Feedback

What problem could Octopus Deploy solve for you?

Product Feedback: Administration

Categories

(thinking…)

Two Factor Authentication

I need to implement some form of two factor authentication for Octopus due to regulatory requirements.

A very simple approach might be this: http://www.codeproject.com/Articles/403355/Implementing-Two-Factor-...

Used by Google, Twitter, GitHub etc.

Source: http://help.octopusdeploy.com/discussions/questions/1605

84 votes

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close

We’ll send you updates on this idea

Vanessa Love shared this idea  ·   ·  Report…  ·  Admin →

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • Mike commented  ·   ·  Report

    Another +1 for Duo 2FA integration

  • Josh LeBow commented  ·   ·  Report

    +1 for SAML, it'd make integrating MFA into Octopus much easier.

  • Darren Aitcheson commented  ·   ·  Report

    SAML authentication would also be useful - every other tool in our CI/CD toolchain supports it, but not Octopus. If you're going to be taken seriously as an enterprise-level tool, you need to start implementing this kind of thing folks.

  • Tr commented  ·   ·  Report

    I would love to see Google or Azure multifactor authentication in Octopus Deploy.

    It would help me expose the Octopus Deploy endpoints externally, meaning engineers would not have to logon to the VPN to access the Octopus Deploy console.

  • AdminProduct Team (Admin, Octopus Deploy) commented  ·   ·  Report

    In 3.5 we have implemented both Azure AD and GoogleApps Auth. Both support 2FA and have been mentioned in the comments of this suggestion.
    We realize this is not Octopus supporting 2FA (only that these services also have 2FA as a feature) so we will not close this suggestion as completed.
    However, if those above solutions are what you were looking for and why you voted, please remove your votes from this suggestion so we have an idea of the need that is still out there.
    3.5 also added extensibility for authentication (all OSS), so if there is a great need, and you have the means and expertise we would absolutely review your PR :)

  • Sujan Gurung commented  ·   ·  Report

    I am currently trialing octopus deploy.. it's a great .net deployment tool, however our production deployment requires high security process in place. I wish this feature gets implemented soon.

  • Kristian Jensen commented  ·   ·  Report

    We need this as well. Would love to see support for PingID or Duo. We need to rolleout 2FA for all systems, so we might need to discontinue Octopus, if no 2FA support is in the pipeline.

  • Tim Stokes commented  ·   ·  Report

    Anyone got any clever ideas how to add a MFA step into the release process, i.e with a Powershell script? For example, before deploying to production, a one time password is required from a verified device (be it SMS, Google Authenticator, Duo, Authy, etc)

  • James Harling commented  ·   ·  Report

    +1 for DuoSecurity. Google Authenticator would be acceptable too, but Duo would be a real win.

  • Adam Schaible commented  ·   ·  Report

    I would love to see this too. DuoSecurity would work great for us.

  • Devi Patel commented  ·   ·  Report

    This would be a huge feature for us. It's fairly straight forward with Twilio to get mobile codes flowing.

  • Dru Sellers commented  ·   ·  Report

    decreasing the number of logins we have to have is a huge win. and AD won't work due to forest trust issues across our three domains.

  • Mike Kinloch commented  ·   ·  Report

    This would help us with our regulatory requirements around PCI DSS. Love to get this feature asap.