OTP validator
Used to validate a OTP either generated by an mobile app, token device or sent to the user via SMS/e-mail. Often used in conjunction with other authenticators. Requires modules AuthN & Pipes.
Using tokens when authenticating assumes that the user has a token. Fortified ID have a product called Fortified ID Enrollment to help user to easily enroll for tokens.
Configuration
Common Authenticator configuration can be found here.
pipe_id
Pipe to use for validation.
N/A
pre_pipe_id
Pipe commonly used for sending OTPs.
N/A
allowed_otp_retry
Allowed number of times a user is allowed to enter OTP before process is aborted.
2
webroot_dir
See common authenticator configuration
web/authenticator/otp_validation
Property base_path should not contain the full path when used in conjunction with the Selector, instead, the full URI will be handled by the selector. The full path will be base_path + / + id.
Logging
Apart from system logging, event logging is done when completing and failing a transaction.
Event ids are:
WEB_100019("OTP validated")
IDENTIFIER (user trace id)
CUSTOMER_IDENTIFIER (if configured)
SOURCE_ADDRESS (ip of the remote session)
WEB_100020("OTP validation failed")
IDENTIFIER (user trace id)
CUSTOMER_IDENTIFIER (if configured)
SOURCE_ADDRESS (ip of the remote session)
Data sent to validation pipe
On otp-validation, data sent to pipe is:
otp - entered by user
Data exposed to global state
None
API
Starting an authentication
Start by sending in a Ajax request containing identifier & password:
{
"type": "start",
"data": {
"otp": "<otp>"
}
}
The response back will contain either a COMPLETED or ERROR:
{
"status": "COMPLETED"
}
Translation keys
{
"otp_validation.otp": "One-time password",
"otp_validation.start_validate": "Verify one-time password",
"otp_validation.verified": "One-time password verified",
"otp_validation.redirecting": "Redirecting...",
"otp_validation.cancel": "Cancel",
"otp_validation.ERROR": "Wrong one-time password",
"allow-cookies-body": "To save your language settings on this device you need to approve a language cookie.",
"allow-cookies-button": "Approve language cookie",
"change_language": ""
}
{
"otp_validation.otp": "Engångslösenord",
"otp_validation.start_validate": "Verifiera engångslösenord",
"otp_validation.verified": "Engångslösenord verifierat",
"otp_validation.redirecting": "Omdirigerar...",
"otp_validation.cancel": "Avbryt",
"otp_validation.ERROR": "Felaktigt engångslösenord",
"allow-cookies-body": "Vill du spara dina språkinställningar på denna enhet behövs ett godkännande av språk-cookie.",
"allow-cookies-button": "Godkänn språk-cookie",
"change_language": ""
}