SignIn Help

Table of contents

 

SIGNIN authentication from Internet for Customer/Partners

What has changed with respect to authentication for Customers/Partners ?

Ans: Two-factor authentication has been introduced for Customers/Partners. It strengthens access security by requiring two methods (also referred to as factors) to verify your identity. These factors includes:
  1. Your username (x-***) and password as the first factor
  2. A 6 digit code generated from a smartphone app as the second factor

Following are the Prerequisites:

  • Applies only to Customers/Partner having a valid External account (eg:X-IJAZ) and password.
  • Authenticator app installed & configured on a smartphone which will generate a 6 digit password.

 

HOW TO INSTALL & CONFIGURE AUTHENTICATOR FOR SMARTPHONES?

  1. Download & Install OTP app on your smartphone from the following list of supported platforms:

  2. IOS Android Windows Phone


  3. Tap the "+" symbol to scan the QR code, which will automatically configure the device.

    Please contact Capgemini responsible person for your account (eg:X-****), if you have not received an email containing the QR code.


 

HOW TO INSTALL & CONFIGURE AUTHENTICATOR FOR WINDOWS OS (DESKTOP/LAPTOP) ?

  1. Download the zip file for the following supported platforms and extract its contents. There is nothing to install and only one file that you can run immediately.
  2. Windows 7 / 8.x / 10

  3. Double-click the WinAuth.exe file.

    If you get an error about missing .NET, please make sure you have installed Microsoft’s .NET Framework.


  4. Click the Add button in the main WinAuth window & choose “Authenticator” option.


  5. On the “Add Authenticator” screen, it requires the path of the QR code which you have received on email as an attachment. To do so, first save the QR code on your local system & copy the image path (Eg: D:\CGOTP\X-AKAZI.png):


  • On the “Add Authenticator” screen, paste the QR code path & click “Decode”


  • Click the OK button to save the authenticator. DO NOT SKIP THIS STEP.

  • On the “Protection” screen you can choose to protect WinAuth with a password or you can skip it & select OK.


  • You will now see your authenticator with the current code and a timer showing it counting down. Once the counter has ended the code will disappear.


  • Click the Refresh icon to show the code again. The code changes every 30 seconds.

  •  

    HOW TO INSTALL & CONFIGURE AUTHENTICATOR FOR GOOGLE CHROME BROWSER ?

    Prerequisites: Google Chrome browser installed on your Desktop/Laptop.

    Steps to Install Two-Factor Authenticator:

    1. To download & Install Two-Factor Authenticator, copy the following URL & open it in Chrome browser: https://chrome.google.com/webstore/detail/open-two-factor-authentic/dckgbiealcgdhgjofgcignfngijpbgba?utm_source=chrome-ntp-icon

    2. Click “Add to Chrome” to download & install the app. A pop-up window may appear with permission to add the app, select “Add App” to continue.


    3. Navigate to Chrome Apps (chrome://apps/) & you will find the “Open Two-Factor Authenticator” installed. Click on it to configure.

    4. On the first screen.
      1. Enter the master password of your choice to protect the OTP configuration. Remember this password for future use.

      2. Click “Custom Repository” to provide the path of local folder where the encrypted secret keys will be stored.

      3. Click “Submit” to save the configuration.


    5. On the “New Account” screen, it requires the path of the QR code which you have received on email as attachment. To do so, first save the QR code on your local system & copy the image path (Eg: D:\CGOTP\Ijaz.PNG)


    6. On the next screen, select “new account”. Select “Add an screenshot” & then click “Choose File” to provide the QRcode path which you saved in step 5 above (Eg: D:\CGOTP\Ijaz.PNG).



    7. You will now see your authenticator with the current code and a timer bar of 30 secs. The code refreshes every 30 secs which is your One-Time Password. You can use “Copy to clipboard” option to copy the code.


    8. To re-open the authenticator, navigate to Chrome Apps (chrome://apps/) & click “Open Two-Factor Authenticator”. Use the master password which you provided in step 4a above to open authenticator.

    9.  

      HOW TO INSTALL & CONFIGURE AUTHENTICATOR FOR FIREFOX BROWSER ?

      Prerequisites: Firefox browser installed on your Desktop/Laptop.

      NOTE: Due to a bug in Firefox Plugin (Open Two Factor Authenticator) version 0.1.4, it doesn’t allow to configure OTP using QR code. Hence it is recommended to use version 0.1.3 till a new update with the fix is released.

      Steps to Install Two-Factor Authenticator:

      1. To download & Install “Two-Factor Authenticator”,copy the following URL & open it in Firefox browser: https://addons.mozilla.org/en-US/firefox/addon/open-two-factor-authenticator/versions/?page=1#version-0.1.3

      2. Click “Add to Firefox” to download & install the app. A pop-up window may appear with permission to add the app, select “Install” to continue.





      3. Open Firefox & click the icon on the Top right to access “Open Two-Factor Authenticator”. Click on it to configure.

      4. On the first screen.
        1. Enter the master password of your choice to protect the OTP configuration. Remember this password for future use.

        2. Click “Submit” to save the configuration.


      5. On the “New Account” screen, it requires the path of the QR code which you have received on email as attachment. To do so, first save the QR code on your local system & copy the image path (Eg: D:\CGOTP\Ijaz.PNG)


      6. On the next screen, select “new account”. Select “Add an screenshot” & then click “Choose File” to provide the QRcode path which you saved in step 5 above (Eg: D:\CGOTP\Ijaz.PNG).



      7. You will now see your authenticator with the current code and a timer bar of 30 secs. The code refreshes every 30 secs which is your One-Time Password. You can use “Copy to clipboard” option to copy the code.


      8. To re-open the authenticator, navigate to Firefox & click “Open Two-Factor Authenticator”. Use the master password which you provided in step 4a above to open authenticator.

      9.  

        CUSTOMERS/PARTNERS ACCESSING FROM INTERNET

        Steps to access SIGNIN integrated application from INTERNET:

        1. External Users or Partners accessing any SIGNIN integrated application from internet would get the following page:.
        2. External Users or Partners should select “Customer/Partner” radio button which navigates to the Login page. Users should enter their EXTERNAL USERID (X-****) & EXTERNAL ACCOUNT PASSWORD.
        3. Post successful authentication SIGNIN redirects to the OTP (One Time Password) page. External User, Customer or Partner should use the OTP generated from the authenticator.
        4. Once OTP is validated SIGNIN redirects to the protected resource only if the content is allowed to External Users or Partners. If the content is blocked users will get an "Unauthorized Access" page.

         

        FAQS, INCIDENTS, PROBLEMS related to single USER

        Error:  Authentication failed

        Q.: On Step 2 above if user gets the error message: “Authentication failed”

        Ans:

        • User may have typed a wrong username or a wrong password
        • User’s account may have expired

        Please contact Capgemini responsible person (for account X-****) to check the validity of the respective user’s account in the corporate directory or to reset a new password.

         

        Q.: On Step 3 above if user gets the error message: “Authentication failed”

        Ans:

        • The 6 digit token expires in 30 secs, hence ensure to use the correct active token
        • OTP configuration on smartphone is incorrect
        • Dual Factor authentication is disabled for your External account

        Please contact Capgemini responsible person (for account X-****) to check whether Dual Factor option for the respective user’s account is enabled in the capgemini corporate directory.

         

        Error: This user is not active

        Q.: If the user gets the following error message: This user is not active

        A: The error shows that user’s account has been disabled in the active directory.
        Please contact Capgemini responsible person (for account X-****) to renew the validity of the respective user’s account in the capgemini corporate directory.

         

        Error: You are not authorized to access this application

        Q.: If the user gets the following error message: You are not authorized to access this application.
        Please contact the application webmaster for more information....

        A: This message states that the respective user is not allowed on the application
        This depends on the policy set for the application that is based on Employee Type, Groups belonging, or other more specific settings related to the employee profile in CORP AD. 

         

        Error: User doesn't gets an OTP Page OR User is getting redirected to Login Page again

        A: This could happen due to Internet Browser cache issue. Clear the Browser cache by deleting temporary files, cookies, saved passwords, web form information and then try again.

         

        Customer/Partner didn’t received the OTP email

        A:OTP configuration email is sent to the Registered Email Address of the respective External user. Incorrect email address may lead to non-delivery of OTP configuration email to the user.

        For non-delivery of OTP configuration email, customers/partners should contact Capgemini responsible person to verify if the registered email address is correct or to troubleshoot any other issues at Capgemini end.