Multi-Factor Authentication

Authentication Service

Secure your remote access with MFA that you control

Mideye adds multi-factor authentication to your VPNs, firewalls, and applications, without replacing your existing infrastructure.

Unlike cloud-only MFA services, Mideye runs on your infrastructure. Authentication decisions happen inside your network. The central service, hosted in Sweden, handles only message delivery: SMS, push notifications, and token logistics.

How It Works

Your Infrastructure Mideye Server
+ Your VPN/Firewall
+ Your User Repository (E.g. LDAP/AD)

⟷

Mideye Central (Sweden) Push Notifications
SMS/RCS Delivery
Token Logistics

On-Premises Control

Authentication engine runs in your datacenter. No user credentials leave your network.

European Data Residency

Central services hosted in Sweden. Supports GDPR and European compliance requirements.

No Schema Changes

Reads from Active Directory as-is. Deploy MFA without modifying your directory.

Authentication Methods

Choose the right method for each user, or let them choose themselves:

Mideye+ App Recommended

One-tap push authentication for iPhone and Android. Users approve login requests instantly, no codes to type. Works over WiFi when mobile networks are unavailable. Includes offline TOTP for air-gapped environments.

Learn more about Mideye+ →

SMS One-Time Password

Works with any mobile phone, no app required. OTPs delivered in real-time via direct connections to mobile operators worldwide. Ideal for users who can't or won't install apps.

View global SMS coverage →

Hardware Tokens

OATH-compliant hardware tokens for users without mobile phones or in high-security environments. Support for YubiKey, HID, and other PSKC-compatible tokens. Use your existing tokens or order from Mideye with worldwide shipping.

Learn about hardware tokens →

Works With Your Infrastructure

Mideye integrates via standard RADIUS protocol, no agents, no proxies, no application changes.

VPN & Firewalls

FortiGate · Palo Alto GlobalProtect · Cisco AnyConnect · Cisco ISE · Check Point · SonicWall · F5 BIG-IP

Remote Access

Citrix NetScaler · Citrix Gateway · Pulse Secure · Windows RDS · VMware Horizon · Apache Guacamole

Identity & SSO

Microsoft ADFS · Entra ID (Azure AD) · SAML 2.0 · OIDC -> RADIUS

Linux & Servers

PAM RADIUS module · SSH authentication

View all verified integrations →

Advanced Features

Assisted Login

Delegated authentication for teams. Supervisors approve access for team members in real-time via push notification. Ideal for shared workstations, help desks, and break-glass scenarios.

• Active Directory & Azure AD group-based authorization
• Full audit trail of all approvals
• Customizable challenge questions

Learn about Assisted Login →

Cloud Authentication

MFA without server installation. Our cloud-hosted API handles push notifications and SMS delivery. Just provide a phone number, we handle the rest. Hosted in Sweden.

• Simple REST API, single endpoint
• Automatic push/SMS fallback
• EU data residency (Azure Sweden)

Explore Cloud API →

Mideye Shield

Real-time protection against authentication attacks

Mideye Shield blocks brute-force attacks, password spraying, and MFA fatigue attacks before they reach your users. Threat intelligence is shared across participating Mideye servers, when an attack is detected anywhere, everyone is protected.

• Automatic IP blocking based on behavior patterns
• Protection against MFA prompt bombing
• No configuration required, one-click enable

Learn more about Mideye Shield →