Email Converter

Features like Full Site Protection will stop users from enrolling in a standard way as they will not have any option to enter their credentials without providing their second factor first.

It is possible however to enroll users beforehand - provided their username is also an email.

This functionality needs to be enabled globally under settings and use a proper, working email gateway.

To enable an email converter within an application representation you need to enable the function under Advanced Configuration and whitelist emails that would be enabled to use this functionality:

The emails can be input as a list of entries with each entry in a new line.

To use the email converter users need to navigate to a specific URL crafted from the protected application domain, for example: https://application.secfense.com/secfense/converter

They will be presented with an option to enter their email - and if it is whitelisted soon they will receive a message with a one time code:

Once the code is entered in the appriopriate field the user will be asked to register a 2nd factor (FIDO2 only) which they will be able to use later in this application.

IMPORTANT: Email converter only allows to register FIDO2 compliant methods (passkeys) as second factor. Even if such method would not be chosen as available during basic configuration users will be allowed to use it.