Over the past several years, many companies have gained benefits from the implementation of cloud solutions within the organization. Due to the advantages such as flexibility, mobility, and costs saving, the number of cloud users is expected to grow rapidly. Consequently, organizations need a secure way to authenticate its users in order to ensure the functionality of their services and data stored in the cloud storages are managed in a private environment. In the current approaches, the user authentication in cloud computing is based on the credentials submitted by the user such as password, token and digital certificate. Unfortunately, these credentials can often be stolen, accidentally revealed or hard to remember. In view of this, we propose a biometric-based authentication protocol to support the user authentication for the cloud environment. Our solution can be used as the second factor for the cloud users to send their authentication requests. In our design, we incorporate several players (client, service agent and service provider) to collaborate together to perform the matching operation between the query feature vector and the biometric template of the user. In particular, we consider a distributed scenario where the biometric templates are stored in the cloud storage while the user authentication is performed without the leakage of any sensitive information.