how can i go about creating a pop up window in the middle of a workflow to call an api for authentication? this api will verify the user and return a verified or not verified value. based on this value, the workflow will do different things.
i am using sharepoint 2016
workflow run in the background, so it doesn't support any interactive actions nor opening any popus/windows (where/what client should it open on???)
you have either capture all the data before you start the workflow, or assign a task during the workflow to someone who can provide the data.
my workflow assigns the list items to a role to approve, so the authentication will be provided by them.
the item is opened by someone who will decide if the item is to be approved or not, and provide verification on their identity
if you assign a task to a user, nintex makes sure no one else is allowed resppond (approve/reject) the taks. so you do not need to perform any extra authentication on your own.
do you mean two factor autentication?
nintex nor sharepoint doesn't provide anything like that OOTB.
you would need to implement it on your own.
but as I've written you can not get a popup from workflow, you can only assign a task. then on task form you could play with some further autentication/verification.
but, isn't there 2 factor/level autentication already in place in your understanding?
first user have to autenticate with AD so that it can access sharepoint site or task form at all.
second check/authentication is made by nintex where only task assignee and nobody else can respond the task.
yes, that's right.
i don't think so? because if access to the approver account was somehow obtained, there is nothing else to block approvals / rejections
then on task form you could play with some further autentication/verification.
could you elaborate on this?
as mentioned, there is not anything available OOTB. you will have to work out your own solution.
eg. request to type in some token from an external device and validate it somehow, or pretend kind of captcha by showing some pictures that approver should somehow recognize, or integrate some 3rd party authentication solution, etc.