/
MFA - Multi Factor Authentication Login

MFA - Multi Factor Authentication Login

Overview

Multi-Factor Authentication (MFA) adds an extra layer of security to your XCALLY environment.
It requires users to provide two distinct forms of identification before accessing the system.

  • First factor: User password

  • Second factor: A one-time verification code (OTP) sent via authenticator app or email

Β 

Configuration

  1. Β Login to XCALLY and from the command top bar, click on the User Information Button

  2. Expand the Button and access to Manage MFA section:

Β 

  1. Follow the on-screen instructions in XCALLY.

You can enable MFA using one of the following options:

  • Authenticator App: a time-based code is generated in your authentication app, e.g., Google Authenticator, Authy

  • Email: a one-time code is sent to your registered email address

If you enable MFA via Email, ensure SMTP settings are properly configured

  • A verification code is generated and sent (via the selected method)

  • Enter the code in the Verify code field

  • Click Enable to activate MFA.

Enforce MFA (as Admin)

Administrators can enforce MFA for all Agents and Users.
Navigate to General Settings β†’ Security to enable the option.
When MFA is enforced by the Admin, All Agents and Users must log in using MFA and users cannot disable MFA on their own.

Admins can also disable MFA for all users from General Settings β†’ Security

Login with MFA

To log in when MFA is enabled:

  • Enter your username and password in the login form.

  • Enter the One-Time Password (OTP):

    • From your authenticator app, or

    • From your email inbox (if MFA via Email is active)

Access will be granted only after successful OTP validation.

Disable MFA

To disable the multi-factor authentication as a user:

  • Login to XCALLY and from the command top bar, click on the User Information Button:

  • Expand the menu and access to Manage MFA section:

  • Click on Disable MFA

Β 

  • Administrators can disable MFA for Agents or Users when necessary (for example, after a phone loss or device replacement).

    • Navigate to Staff β†’ Agent β†’ Edit β†’ Account

    • In the Authentication section, select Disable MFA.

⚠️ This feature is useful when the user cannot access their previous MFA device or needs to re-enable MFA on a new one.

Β