Two-Factor Authentication

Article Number:02042

The two-factor authentication is an authentication method that uses two disparate factors to verify the identity of a user.

If you enable the two-factor authentication, you will be prompted for your "login name and password" and "verification code" whenever you log in to Kintone.
You obtain the "verification code" from the authentication app installed on your mobile device.

Figure: Illustration of login flow with the two-factor authentication

Using two-factor authentication enables you to prevent unauthorized access by third parties even when they identified the combination of the user's login name and password. It is because it requires the authentication that uses "the mobile device that only the user possesses" for a successful login.

Setting Up the Mobile App

If you enable the two-factor authentication, you must provide the "verification code" when configuring login settings on the mobile app.

For details, refer to the following page:



REST API does not support the two-factor authentication.
Therefore, users who enabled the two-factor authentication cannot use password authentication in REST API.

They should use other authentication methods such as API token, session authentication, or OAuth authentication, or use another user for integrations whose two-factor authentication setting is disabled.

For details on API, refer to the following website:
Kintone Developer Program

Guest Users

Guest users in Kintone cannot use the two-factor authentication.