2 Factor Authentication
Patients using the EU data centre (https://eu.patientsknowbest.com) can set up two-factor authentication (2FA) on their account. If 2FA is enabled the user will need to enter a code from their authentication app every time that they log in to PKB. 2FA is mandatory for patients linked to Organisations in the Netherlands.
How do I enable 2FA?
Log in and click ‘Settings’ at the top of the page.
If your account allows 2FA (i.e. you are logged in as a patient on the EU data centre) a third tab will display labelled ‘Authenticator.' Click ‘Authenticator.’
Open up an authentication app on your smartphone, such as Authy or Google Authenticator. In the authentication app scan the QR code displayed on PKB (or manually enter the details on the right hand side). Add the code displayed on your phone into PKB and click ‘Enable’
If the code is wrong or incomplete, an error message will display on PKB.
If the code is correct, 2FA will be enabled and you will be returned to the PKB homepage with a success message.
How do I disable 2FA?
Navigate to Settings > Authenticator. Enter the code displayed on the authentication app on your smart phone that you used to set up 2FA. Click ‘Disable’. If you are linked to an Organisation in the Netherlands, 2FA is mandatory and therefore will have to be re-enabled if it is disabled.
How do I log in with 2FA enabled?
Enter your login credentials as usual
Enter the code displayed on the authenticator app on your smartphone and click ‘Authenticate’
What if I access PKB via Single Sign-On?
You can grant access to a third party app with single sign-on (SSO). If you have enabled 2FA enabled on PKB, PKB asks for an authentication code when first setting up the SSO connection.
Every time you access PKB via SSO API PKB asks for an authentication code:
If you set up SSO with 2FA enabled, then disable 2FA you are able to successfully login using SSO without being asked for an authentication code.
If the you set up SSO without 2FA enabled, then enable 2FA, you will be asked for an authentication code every time you login to PKB via SSO.
When a third party system uses PKB APIs to post or get data for a user with 2FA enabled, PKB does not need the authentication code.
What if I access PKB using NHS Login?
If you have 2FA enabled in PKB and log in via the NHS Login (for example, if accessing PKB via the NHS App), PKB 2FA will not apply because NHS Login has its own 2FA set-up.
Please see the steps below to understand how 2FA is managed when logging in to PKB via NHS login.
Use ‘Login with NHS Login’ button
Enter your NHS Login email address
Enter your NHS Login password
Enter the 6 digit code sent to your mobile phone by NHS Login
You will then be logged into PKB.