4. Enabling secure mail operations for TOTP

You can optionally configure support for secure mail operations (decryption, encryption, signing) for web users with Notes IDs, such as iNotes users.

About this task

When enabled through security policy and ID vault configuration, an ID file is downloaded into memory and used for secure mail operations for web users who are enabled for TOTP. The download can occur during initial TOTP authentication, or when a secure mail operation is attempted and the ID file is not in memory.


  1. Enable secure mail operations for TOTP in the Security Settings document used for your ID vault:
    1. Open the Security Settings document and click the ID Vault tab.
    2. In the TOTP-based ID Downloads section, select Yes in the Allow TOTP authentication with the ID vault field.
    3. To allow web users who do not use TOTP to continue to download their Notes IDs for secure mail operations, select Yes in the Allow password authentication with the ID vault field. To require that all web users use TOTP in order to download their Notes IDs, select No.
  2. In the vault Configuration document, specify the servers that use the ID vault and are enabled for TOTP and secure mail operations.
    1. Open the vault database.
    2. Open the Configuration document.
    3. In the Non iDP authentication login section, specify all of the Domino web mail server names in the Trusted servers field.