Hardware tokens for Arbor MIS two-factor authenticationArbor is a cloud-based MIS for Primary, Secondary and Special Schools. The system was originally designed to use TOTP apps, such as Google Authenticator to be used for two-factor authentication. As our programmable tokens can be used as drop-in replacement of such apps, it is possible to use them for securing your Arbor MIS login. The guide below will show how you can enable and use Token2 programmable hardware tokens with Arbor MIS.
- An Arbor account (regular, no admin rights needed)
- A Token2 programmable token (the guide below shows C301i as an example)
- An iPhone device with NFC enabled - this is needed for the enrollment only, subsequent logins will only require the hardware token
1. Install the provisioning tool
Download and install the supported provisioning app for your device type. Refer to this page to find the correct app for your token and the operating system. For our example, we selected the C301i as the token model and iPhone as the platform.
the app we will be using for our example is TOKEN2 NFC Burner
Check NFC Connectivity
Next, make sure the app can communicate to the token. To do this, launch the NFC Burner app and click on "get token data" button. The app will open the NFC prompt. Then, turn the token on (it should show digits or dashes on the LCD) and touch the top of the device (near the speaker). If the NFC connection is successfully established, you should see the serial number and the system time of the token in the 'Results' textarea.
Once you have the NFC Burner app and the token ready, you can start the provisioning process by logging in to Arbor MIS.
Logging in for the first time
When you log in for the first time, you will need to set up a link between your authentication app and your school’s MIS. Go to the login page of your school’s MIS, fill in your login details and click Log in.
Once you successfully log in, you will be asked to set up a link to your authentication app.
In our case, we will be using our NFC Burner app and not the Authentication App as proposed by the wizard. On the next step, the page will show a QR code that you have to scan using your NFC Burner app on your iPhone.
When you see the QR code similar to the one above, on your iPhone, launch the TOKEN2 NFC Burner app and click on 'scan QR' button.
Point your iPhone camera to the QR code shown
Once the QR code is detected by the app, the Seed field should be populated with the hex value of the TOTP profile encoded in the QR image
Then, click on "Burn" button, turn the token on and touch the top of the device when prompted
Make sure the results area shows 'seed successfully applied'
Turn the token off and on again to get the new OTP generated
In the Arbor's window, enter the 6 digit OTP shown on the token to the Verification code field and click Log in
This completes the enrollment. For subsequent logins, you will be using only the hardware token - when a verification code is requested, just type in the code generated by your token and click on 'Verify Access'
Subscribe to our mailing list
Want to keep up-to-date with the latest Token2 news, projects and events? Join our mailing list!