ACTION NEEDED: MFA for CPL A2A Integration site (Administrators)
As part of the Claims Portal upgrade work, we are taking the opportunity to upgrade the A2A Integration site into a new Integration & Training site. To improve security, we will be introducing multi-factor authentication (MFA).
This is a preparatory step in readiness for migration to the new Integration site and needs action taking this week.
Log in to the A2A Integration site:
If you cannot access the Admin section due to expired password, you should use “Cannot access my Administrators Account” to change your password. Administrators who use the original Admin UserIDs provided by Support must use these UserIDs when they login or when they change their password.
The MFA Contacts block will be visible for Admin users only.
Administrators will need to need to access their Admin account and follow the MFA validation procedure detailed below. The data entered will be migrated to the new Administration Console at a later date and will be used for MFA token delivery.
1. Click on “User” and look up your UserID. Check and update the Personal information: The account must be personal and include your First Name and Surname.
2. Click on “Edit” button.
3. Type in your MFA email address (this should be unique within your organisation) in the field and click on “Confirm”.
4. If your email is already in “Verification Pending” status, go to step 6; otherwise, you should see that your email is in “Not Verified” status. To start the email verification procedure, click on the “Verify MFA Email” button.
5. Ensure your email is now in “Verification Pending” status. This means that an email has been delivered to the email address entered aiming to certify your email address.
6. You will receive an email containing a unique link that you will need to click on to complete the email verification procedure. The link is valid for 24 hours; if the verification procedure is not completed with this time, you will need to request a new MFA token.
7. Close all your browser windows. Click on the link contained in the email to open the login page of the portal for the relevant environment. Log in with your usual credentials. You’ll see the confirmation page. Click on Continue.
Note:
The same MFA email rules will apply to users in a2a Test and Training as in Production - MFA email address must be unique within the Organisation. When we setup users in a2a Test for the first time, Support generate a sequential Organisation ID and set up the Administrators with web access as per the example below and attached. Passwords sent in separate email.
If Administrators cannot access the Admin section as their password has expired they should use the “Cannot access my Administrators Account” to change their password. Administrators who use the original Admin UserIDs provided by Support must use these UserIDs when they login or when they change their password. It would be a good idea to encourage the Administrator to personalise their Admin account.
Example
Organization ID: "CR00999”
Organization ID: "COMP999”
To act as CR ADMINISTRATOR in A2A web Username = CR00999_su
To act as COMP ADMINISTRATOR in A2A web Username = COMP999_su
Following migration, each Administrator will need to check their organisation’s list of Integration users and identify those that are generic and do not contain an individual’s forename and surname. The Administrator will need to edit each user where this is the case and add the user’s forename and surname and ensure that every user/userID has a unique email address.
If you act as an administrator on behalf of another organisation, you should assist them to complete this requirement or do it on their behalf.
If you are not the administrator for your organisation, please forward this to the right person to ensure that they take this action.
Thank you in advance for your swift attention to this matter. Please reach out to our support team if you need assistance.
Regards
Phil Dicken
Chair, Claims Portal Ltd