The AthenaMFA Portal allows organisations to manage applications, domains those applications will use, and the API key’s your website or applications will use to integrate with AthenaMFA.
To access the AthenaMFA Portal, go to https://portal.athenamfa.com/ and register for your free account.
You can start using your free account immediately. Until you confirm your registration, you will be able to start using the platform, but you will be limited to a single website or application and your account will only be valid for 21 days.
Once your account is confirmed you will have free and unlimited access.
Confirming your account
When you register, we will send you a confirmation email with a registration code. To complete the registration process log in to the AthenaMFA Portal, click the Profile link on the main top nav bar.
Within the profile page click the Verify button and enter the registration code sent to you via email , if all is good your account is now verified, and you have unlimited access to the platform.
If you do not receive a registration email, from the Profile page, click the Verify button and in the popup window click the Resend Code button, this will send a new registration code.
Make sure you check you Junk folders just in case.
Deleting your account
If you no longer wish to use the AthenaMFA service, you can delete your account.
Click the Profile link on the main top nav bar, from the Profile page, click the button Delete Account, you will be asked to confirm this action.
This action is permanent, once you have confirmed you wish to delete your account, we will remove all data from our platform.
To be able to use the AthenaMFA platform to authenticate users we need to know a little about the website or application which is going to be making authentication requests.
An application in the AthenaMFA platform is tied to a domain, you can have multiple applications configured for the same domain.
The reason we use domains is for validation, when authentication requests are sent to a user, we also send the domain the request has come from, before you can send a request for a domain it needs to be validated which will we detail the process in the following sections.
Creating an application
From the Applications page, click the New Application button, you will be prompted to enter a title for your application and the domain you wish to send authentication requests from, the domain can be a wildcard domain if you wish.
Click the create button and if successful you will be redirected to the application page.
Before your application or website can send authentication requests you need to validate the domain associated with it.
From the application page, click the Settings tab where you will find details of your application configuration.
Scroll down to the Domains section where you will find all the domains associated with the application.
We use DNS to validate the domain, for each domain in your application you will need to create a TXT record with your DNS provider with the name and value given to you.
We will check every 15 minutes for the DNS record for your domain with the name and value, once we have successfully found the DNS record, we will set your domain to Validated and you can then start sending authentication requests from it.
If after 24hrs we have not been able to validate your domain, we will mark it as failed. If this happens, check your DNS record and confirm it is correct. Once you are happy, click the Revalidate button and we will start the checks again.
Once a domain is validated you can delete the TXT record from your DNS if you wish.
Each DNS provider has a different method for managing DNS records, please follow your DNS providers guide for creating DNS records.
Adding additional domains
You application may have more than one domain, if so, you can add additional domains to your application.
Go to the Settings tab for your application, above the domains section click + button.
Enter the domain name you wish to add and click Add Domain button.
Once the domain is added, you need to validate the domain.
Deleting a domain
To delete a domain from your application, go to the Settings tab for your application and scroll to the domains section.
For the domain you wish to delete, click the trash button, you will be asked to confirm the action.
Once confirmed the domain will be removed from the application and you will no longer be able to validate against it.
When you create an application, it will automatically generate an API key, this API key is used by your application or website to make requests to authenticate users.
This can be found by going to the Settings tab for your application, it is important you keep this API key secret and secure.
If for any reason you feel the API key has been compromised, you can generate a new one by clicking the Generate New Api Key button.
Be aware that generating a new API key will immediately invalidate the old, and any website or application using it will not be able to send authentication requests until they are updated with the new key.
Deleting an application
If you no longer wish to use AthenaMFA with an application or website, you can delete the application.
Go to the Settings page for the application you wish to delete, click the Delete Application button, confirm you wish to delete the application and click the Delete button.
Once an application is deleted, it will be removed from the platform immediately, any website or application using the API key will no longer be able to make authentication requests using it.
An application is unique to your AthenaMFA portal account, but you can grant other AthenaMFA Portal users’ access to it to perform administration functions.
You can only add an administrator who is a verified AthenaMFA portal user.
Go to the Administrators tab for your application.
Click the + button, enter the email address of the verified AthenaMFA portal user you wish to add and click Add Administrator button.
Make sure you only add administrators you trust as they have complete access to your application, the only restriction is that they are not able to add, remove other application administrators or change the application owner.
Deleting an application administrator
If you wish to delete an application administrator.
Go to the Administrators tab for your application, next to the administrator you wish to delete click the trash button, confirm you wish to delete them and click the Delete Administrator button.
Once this action is complete, they will be immediately removed from your application, and they will no longer be able to administer it.
Change the application owner
If for some reason you no longer manage an application, but you do not want to delete it, you can change the application owner to another AthenaMFA portal user.
Go to the Administrators tab for your application, find the administrator you wish to make the owner and click the change owner button.
Confirm the action and click the Change Owner button, they will be immediately be set as the application owner.
Please be aware that doing this will immediately give them full access and you will be unable to take ownership unless the new owner sets you as the new owner.