Two-factor authentication

We are implementing Continuous Delivery using TeamCity and some jobs require two-factor authentication for legal reasons (we handle medical information as well as credit card numbers, so have to comply with a number of US laws). We have a system in place which comes with an API, so we can write the integration ourselves. However it is not clear to us what kind of integration we would need with TeamCity. To illustrate, we might have a project that looks something like this:

- Billing Service
  - Build and Test
  - Package
  - Deploy to Staging
  - Deploy to Production
    -- deploy [Run ...]

Anything but the Deploy to Production could be executed by anybody in the company. However pushing deploy [Run ...] must require two-factor authentication. What are our options?

1 comment
Comment actions Permalink

Hi Gorge,

There is no build-in two-factor authentication in TeamCity.
There are few ways to prevent build from triggering in TeamCity:
1. Configure Roles and Permissions, so only needed users would be able to trigger the builds in Deploy to Production build configuration.
2. Use promt parameters and ask user to enter some specific value, that is validated using regular expression

You can create a plugin that will perform two-factor authentication. Or implement authentication as the first build step of Deploy to Production and fail build if it is not passed.


Please sign in to leave a comment.