How to configure a developer profile #
Once you have signed up to the Cosync service through the Cosync Portal, the next step is to complete your profile information.
Manage Your Profile #
To bring up the profile information click on the avatar icon in the upper right hand corner of the user interface.
The Cosync Portal service keeps a minimum amount of information about the developer. This includes:
- First Name
- Last Name
Since the developer uses an email handle, the developer’s email is kept as well. Additionally, the developer can set an avatar by clicking on the avatar icon with the Choose Picture caption.
2 Factor Authentication (2FA) #
Lastly, the developer can secure the account by enabling Google 2-factor authentication described in the section below. If two-factor authentication is enabled, the developer will need to set this up using the Google Authenticator application link.
The Cosync Portal uses the Google Authenticator to provide two-factor authentication as an extra layer of security to control access to a developer account. From the developer’s standpoint, access to the portal must be tightly controlled as it provides access to authentication services to potentially sensitive MongoDB Realm applications. If enabled, the two-factor authentication requires that the developer install the Google Authenticator app on a mobile device. For more information about the Google Authenticator application, please consult this link.
The Google Authenticator works by sending the developer’s device a six-digit code that periodically changes every minute. Only by entering that code during the login process can the developer be granted access to the CosyncJWT portal. Since the code is transient, it cannot be stolen and reused at a later time, but requires that the developer be registered with Google Authenticator, have the app open at the time of login.
To turn on two-factor authentication for a developer account simply toggle the 2-factor authentication button in the profile tab in the interface. You will then be presented a QRCode with the secret key for the Cosync application that can be scanned in by the Google Authenticator app.
If as a developer you are logged out and lose the Google Authenticator code, the only way to get back into your account is to go through the Forgot Password function. Reseting your password through your email account, will turn off two-factor authentication. This can be reactivated once you have logged in with the reset password.