This is an old revision of the document!
The Identity Provider will then present you a window explaining that an email has been sent to your 'private email box'. This email contains a link (yes, indeed it is a clickable link, which is necessary as the security key provided is too complicated to type it in. But you should make sure that the link is pointing to our
idp.strw.leidenuniv.nl identify server. Only after this verification you should click the link).
Now look at your private mail inbox and find there the mail with
Subject: Verify email
From: Observatory Identity Provider
And body text, similar like this, but made a bit more personal (not shown here for security purposes):
Someone has created a Leiden Observatory Intranet account with this email address. If this was you, click the link below to verify your email address Link to e-mail address verification This link will expire within 5 minutes. If you didn't create this account, just ignore this message.
where the text
Link to e-mail address verification contains the link to verify and confirm your 2FA setup. For your information the link starts like:
https://idp.strw.leidenuniv.nl/auth/realms/STRW/login-actions/action-token?key=eyJhbGciOiJIUzI1NiIsInR5cCIgOiA... and the key is a long series of characters.
Pasting the link in a WEB browser asks again for your credentials. Submit this form and you are now fully setup for Two Factor Authentication.
A private email address is necessary to allow you to reset 2FA if necessary.