With QR or "app-switch"
This authenticator expects users either scan a QR code or "app-switch".
Configuration
This is the configuration for the TaskViewAuthenticator
Common Authenticator configuration can be found here.
internal_http_destination
ID of the internal http client used to talk with backend.
"default"
username_parameter
Parameter to where the username is exported.
"username"
server_api_url
Address to the mobile server api module.
N/A
timeout_seconds
Time to live before the authenticator expires (0 is forever)
0
task_form
The task-form to be used in the authentication.
N/A
webroot_dir
See common authenticator configuration
web/mobileid/taskviewauthenticator
{
"id": "myauth01",
"type": "TaskViewAuthenticator",
"config":
{
"server_api_url":"http://<server_url>/mos",
"context_path" : "/login/authn/login",
"success_location": "http://<success_url>",
"failure_location": "/login/authn/login/logout",
"cancel_location": "/login/authn/login/logout",
"task_form":
{
"elements":
[
{"id":"1","type":"label","value":"Confirm your login"},
{"id":"2","type":"button_confirm","value":"Confirm"},
{"id":"3","type":"button_reject","value":"Reject"}
]
}
}
}
Logging
Apart from system logging, event logging is done when starting, completing, and failing a transaction.
Event ids are:
MOBILE_ID_100101("MobileID authentication started")
IDENTIFIER (session trace id)
MOBILE_ID_100102("MobileID authentication completed")
IDENTIFIER (session trace id)
SOURCE_USER_NAME (user subject)
MOBILE_ID_100103("MobileID authentication rejected")
IDENTIFIER (session trace id)
MOBILE_ID_100104("MobileID authentication canceled")
IDENTIFIER (session trace id)
MOBILE_ID_100105("MobileID authentication expired")
IDENTIFIER (session trace id)
Data exposed to global state
After a user completes a transaction, the authenticator is marked as done. Data from the authentication response is then put into the global state, replacing existing values:
"
username_parameter" set to user subject