Reference MFA implementation using Rest API in PowerShell
Introduction
This PowerShell script is a reference implementation for using REST API to implement UPSSO authentication/MFA in custom applications.
Capabilities
- Login using default UPSSO authentication
- Login using LDAP authentication.
- Select the type of MFA delivery (SMS, Email, or Google Authenticator)
- Validate OTP
Usage
Register API application.
- sing UPSSO web UI, register an application. Please refer to the following link on how to generate REST API Credential
Update API credentials in the script.
- Download the PowerShell script package below and unzip it.
- Right-click the PowerShell script and click edit.
- Under the global variables, find $Client_ID and replace the value with the previous step's generated value.
- Under the global variables, find $token and replace the value with the previous step's generated value.
- Save the file and exit.
Running the script
- Right-click on the PowerShell script and click run.
- In the address, enter the IP address or domain name. (Example:192.168.3.70 or sso.upsso.net)
- In the username prompt, enter UPSSO/LDAP user.
- In the password prompt, enter the password of the user entered in the previous step.
- In the OTP type, enter the type which you want to receive OTP
- Script validates the username and password and prompts for OTP as per the configuration.
- Enter the received OTP if prompted.
- Authentication status is printed on the console.
API's used in the script.
Flow diagram

Sample Script Execution
