The Identity Provider will then present you a window explaining that an email has been sent to your 'private email box'. This email contains a link (yes, indeed it is a clickable link, which is necessary as the security key provided is too complicated to type it in. But you should make sure that the link is pointing to our
idp.strw.leidenuniv.nl identify server. Only after this verification you should click the link).
Now look at your private mail inbox and find there the mail with
Subject: LION Identity Management verification email
From: LION Identity Provider email@example.com
And body text, similar like this:
Someone is trying to setup two factor authentication on the LION Intranet system. If this was you, it is save to copy/paste the link below to verify your email address, but please do verify it is going to the Observatory Identity server: idp.strw.leidenuniv.nl. The link for email address verification is: https://idp.physics.leidenuniv.nl/auth/realms/STRW/login-actions/ action-token?key=eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldU... BqPjnSig&client_id=local.strw.leidenuniv.nl&tab_id=KADCiBDmsaY This link will expire within 5 minutes. If you didn't initiate two-factor authentication, just ignore this message.
where the text
Link to e-mail address verification contains the link to verify and confirm your 2FA setup. For your information the link starts like:
https://idp.physics.leidenuniv.nl/auth/realms/STRW/login-actions/action-token?key=eyJhbGciOiJIUzI1NiIsInR5cCIgOiA... and the key is a long series of characters.
Pasting the link in a WEB browser asks again for your credentials. Submit this form and you are now fully setup for Two Factor Authentication.
A private email address is necessary to allow you to reset 2FA if necessary.