All Products
Search
Document Center

Bastionhost:Two-factor authentication FAQ

Last Updated:Apr 21, 2026

This topic covers common issues with two-factor authentication.

Configure DingTalk two-factor authentication

  1. Log on to the DingTalk Admin Panel as a DingTalk administrator.
    Note If you are not a DingTalk administrator, contact your organization administrator to grant you the required permissions.
  2. On the Application Information page, create an H5 micro app and obtain its AppKey, AppSecret, and AgentId.
  3. On the Permission Management page, grant the following permissions: Contact.User.mobile, fieldMobile, and qyapi_get_member_by_mobile.
  4. Configure DingTalk two-factor authentication on Bastionhost. For details, see Enable two-factor authentication.

Cannot receive 2FA text messages

  • Check if your phone's Block Spam Messages feature is enabled. If so, look for the verification code in your blocked messages list or adjust your blocking rules.
  • Contact your telecom service provider to ensure they are not blocking notification messages.
Note If the issue is urgent, you can temporarily disable two-factor authentication with text messages and switch to another method. For instructions, see Enable two-factor authentication. If the issue persists, join the DingTalk group (ID: 33097550) and contact a technical expert.

Use a shared email for 2FA

Yes, but first confirm that doing so does not create a security risk.