Certificates: - At the autologon routing entry the keyword SSLCC must be defined. - At the reverselogon routing entry the keywords SSL and CCR must be specified.
Time-based One-Time Password (TOTP): - At the autologon routing entry the keyword TOTP must be defined. -- TOTP:[email][!SecurityID] ... email and SecurityID are optional and are default values when prompting to start the autologon session. - At the reverselogon routing entry the keyword TOTP (without parameters) must be defined. -- Additionally the keyword OTPU may be specified.
OAuth 2.0: - At the autologon routing entry the keyword OA2:provider must be defined. - At the reverselogon routing entry the keyword OA2:grouplist must be defined. -- Additionally the keyword OA2U may be specified.
Remarks: Initial configuration of the (Microsoft or Google) authenticator can be done via a logon rule configured for TOTP.
reverselogon routing entries can handle certification authentication and TOTP authentication at the same time. In this case the keywords CCNRQ and TOTP must specified. If certificate authentication fails, TOTP authentication will be tried.
