Does anyone have a solution for handling MFA for a Raiser's Edge NXT service account user?
Our Raiser's Edge NXT instance is not integrated with Single Sign-On (SSO). Because of this, users in our organization occasionally need to complete Multi-Factor Authentication (MFA) when logging in—typically when using a new device, connecting from a different network, or if the browser has cleared its saved session.
Personally, I use the Microsoft Authenticator app to enter the six-digit code, but most users choose to receive the code via text message.
For our service account, multiple team members need access when developing and testing Power Automate flows using the Blackbaud connectors. We store the username and password for the service account in our secret server, but we don’t have a centralized way for any team member with access to those credentials to receive the MFA code for that account.
The service account does have an email address associated with it, but there isn't a phone number we can use for SMS. For now, I added the service account to the Microsoft Authenticator app on my personal phone (in addition to my own RE NXT account), but how can others on my team authenticate the service account with RE NXT without my phone?
Answers
-
Your teammates don't need to share MFA credentials for service account's access to RE NXT if the only purpose it exists for is to support Power Automate RE NXT connections.
I’m assuming each staff member already has their own RE NXT login. If they need to view or reference data in the database, they can do so using their individual accounts rather than the service account.
Please let me know if that assumption is incorrect.
0 -
We use BitWarden for shared accounts with MFA. It has a built-in authenticator so when you share the credentials with your team, they also have access to the codes they will need to sign in.
I believe this is only available in the paid plans.
I could also imagine some custom workaround where you have a phone number for this purpose that forwards texts to an email distribution group that includes everyone who would need the code. You'd all get an email anytime anybody logs in with that account, but if it's a service account that probably won't be very often?
0
Categories
- All Categories
- 6 Blackbaud Community Help
- 213 bbcon®
- 1.4K Blackbaud Altru®
- 403 Blackbaud Award Management™ and Blackbaud Stewardship Management™
- 1.1K Blackbaud CRM™ and Blackbaud Internet Solutions™
- 15 donorCentrics®
- 360 Blackbaud eTapestry®
- 2.6K Blackbaud Financial Edge NXT®
- 656 Blackbaud Grantmaking™
- 576 Blackbaud Education Management Solutions for Higher Education
- 3.2K Blackbaud Education Management Solutions for K-12 Schools
- 939 Blackbaud Luminate Online® and Blackbaud TeamRaiser®
- 84 JustGiving® from Blackbaud®
- 6.6K Blackbaud Raiser's Edge NXT®
- 3.7K SKY Developer
- 248 ResearchPoint™
- 119 Blackbaud Tuition Management™
- 165 Organizational Best Practices
- 241 Member Lounge (Just for Fun)
- 34 Blackbaud Community Challenges
- 34 PowerUp Challenges
- 3 (Open) PowerUp Challenge: Chat for Blackbaud AI
- 3 (Closed) PowerUp Challenge: Data Health
- 3 (Closed) Raiser's Edge NXT PowerUp Challenge: Product Update Briefing
- 3 (Closed) Raiser's Edge NXT PowerUp Challenge: Standard Reports+
- 3 (Closed) Raiser's Edge NXT PowerUp Challenge: Email Marketing
- 3 (Closed) Raiser's Edge NXT PowerUp Challenge: Gift Management
- 4 (Closed) Raiser's Edge NXT PowerUp Challenge: Event Management
- 3 (Closed) Raiser's Edge NXT PowerUp Challenge: Home Page
- 4 (Closed) Raiser's Edge NXT PowerUp Challenge: Standard Reports
- 4 (Closed) Raiser's Edge NXT PowerUp Challenge: Query
- 793 Community News
- 2.9K Jobs Board
- 54 Blackbaud SKY® Reporting Announcements
- 47 Blackbaud CRM Higher Ed Product Advisory Group (HE PAG)
- 19 Blackbaud CRM Product Advisory Group (BBCRM PAG)