HomeGuidesAPI ReferenceChangelog
Log In
Guides

Multi-factor Authentication (MFA)

Summary

Plug will roll out beta support for MFA on September 18th, 2024 and GA on October 14th, 2024.

If you are a Utility Cloud customer, you can reference this guide or use the Plug Dashboard.

How to connect accounts with MFA

After its release, to connect an account that requires MFA, simply follow the following steps:

Linking an account for the first time

  1. Login to the Dashboard.
  2. Navigate to the Credentials section.
  3. Click + Add credentials first, then Add a credential manually and select Get Started.
  4. Select your provider with MFA from the Connect dropdown.
  5. Enter your associated credentials.
  6. After a brief moment, you will be asked to select a device to send a one time password to (OTP).
  7. Note the OTP from the email or text message received and enter OTP in Connect. Click Submit.
  8. Given the correct OTP has been entered, the new connection will be established.
  9. After the connection is established, Plug will save the MFA token in order to bypass MFA when pulling data from future bills.

Updating an existing credential that requires an MFA one time password (OTP)

You may be required to update the MFA token if you have had a connected account prior to the provider rolling out MFA or if the MFA token expires. In either case, updating the MFA token is as simple as following the steps below:

  1. If a credential requires an MFA OTP, you will be notified via Dashboard notification, credential status, and webhook.
  2. Login to the Dashboard.
  3. Select the Action required button on the Credentials card.
  4. Click the username for a given credential that needs to be updated.
  5. On the Credential Detail page, you can click the button Update credential
  6. In Connect, enter the password for your credential.
    1. An admin can view passwords in the Dashboard.
    2. Standard users cannot view passwords in the Dashboard.
  7. After a brief moment you will be asked to select a device to send a OTP.
  8. Retrieve the OTP from the email or text message and enter the code in Connect.
  9. Given the correct OTP is entered, the connection will be re-established and data will continue to flow.

Connecting to a 3rd party or customer’s account

If you manage credentials for your customers or 3rd parties (meaning you don’t possess the phone or email address that will receive the MFA OTP), you’ll need to engage with those 3rd parties to submit their MFA token into Connect.

To do so, you’ll need to send them the Connect URL from the Dashboard. You can find the URL on the Connect configuration page of the Dashboard. When the 3rd party opens the URL, they will be invited to submit their password and then the MFA OTP code that the provider sent to the device that the 3rd party previously registered with the provider. You can view credentials that need to be updated by selecting the Action required button on the Credentials card on the health overview page.