Logging in to an application with IBM MFA Out-of-Band

You use the IBM® MFA Out-of-Band logon web page to provide the required authentication tokens. Your security administrator has determined which tokens you must provide.

Perform the following steps:

1. Use a web browser to connect to the bookmark provided by your security administrator, typically https://servername:port/mfa/policy-name.
2. Follow the web interface to enter the required tokens.
   Note: Your administrator determines the maximum amount of time you have to complete all authentication factors, starting from the time you successfully entered your RACF® user name. If you do not complete all authentication factors within this time period, you must start over.
3. As you successfully enter the required tokens, the IBM MFA Out-of-Band web page prompts you for the next one.
4. When you have satisfied all of your token requirements, the IBM MFA Out-of-Band web page displays the cache token credential.

              Cache Token Credential
            You have satisfied the authentication policy.
                          CREDENTIAL
          Click the above Cache Token Credential to copy it to Clipboard, 
          and use this in place of your password to access applications

5. Manually enter or copy/paste the cache token credential as your password, as appropriate.
   Note: If you are using Internet Explorer and use the cache token credential copy feature, be aware that Windows Internet Options settings can affect its function. Specifically, the "Allow Programmatic Clipboard Access" setting in one or more applicable zones can disable this feature or require you to respond to an additional prompt. The "Allow Programmatic Clipboard Access" setting is typically controlled by the system administrator.
   On the z/OS® system, IBM MFA validates the cache token credential and allows or denies the logon.