User lookup

Provides a single field of input for user to enter an identifier.

Configuration

Authenticator type: UserLookup

Common Authenticator configuration can be found here.

Name

Description

Default value

Mandatory

pipe_id

Name of pipe used for validation

N/A

allowed_retries

Allowed number of times a user is allowed to enter OTP before process is aborted.

webroot_dir

See common authenticator configuration

web/authenticator/user_lookup

{
    "id": "uidlookup",
    "type": "UserLookup",
    "config": {
        "base_path": "/saml/authn",
        "pipe_id": "finduser",
        "webroot_dir": "web/authenticator/user_lookup"
    }
}

Property base_path should not contain the full path when used in conjunction with the Selector, instead, the full URI will be handled by the selector. The full path will be base_path + / + id.

Logging

Apart from system logging, event logging is done when completing and failing a transaction.

Event ids are:

WEB_100024("Performed user lookup")
- IDENTIFIER (user trace id)
- CUSTOMER_IDENTIFIER (if configured)
- SOURCE_USER_NAME (username entered by the user)
- SOURCE_ADDRESS (ip of the remote session)
WEB_100025("User lookup failed")
- IDENTIFIER (user trace id)
- CUSTOMER_IDENTIFIER (if configured)
- SOURCE_ADDRESS (ip of the remote session)
- SOURCE_USER_NAME (username entered by the user)

Data sent to validation pipe

On validation, data sent to the pipe is:

identifier - the username provided by the user

Data exposed to global state

After a user completes a transaction, the authenticator is marked as done. Data from the authentication response is then put into the global state replacing existing values:

username

API

Starting an authentication

Start by sending in a Ajax request containing identifier & password:

{
    "type": "start",
    "data": {
        "identifier": "<user_data>"
    }
}

The response back will contain either a COMPLETED or ERROR:

{
    "status": "COMPLETED"
}

Translation keys

{
  "user_lookup.identifier": "Username",
  "user_lookup.start_authentication": "Sign in",
  "user_lookup.authentication_verified": "Identity verified",
  "user_lookup.redirecting": "Redirecting...",
  "user_lookup.cancel": "Cancel",
  "user_lookup.ERROR": "Wrong username or password.",
  "allow-cookies-body": "To save your language settings on this device you need to approve a language cookie.",
  "allow-cookies-button": "Approve language cookie",
  "change_language": ""
}

{
  "user_lookup.identifier": "Användarnamn",
  "user_lookup.start_authentication": "Logga in",
  "user_lookup.authentication_verified": "Identitet verifierad",
  "user_lookup.redirecting": "Omdirigerar...",
  "user_lookup.cancel": "Avbryt",
  "user_lookup.ERROR": "Felaktigt användarnamn eller lösenord",
  "allow-cookies-body": "Vill du spara dina språkinställningar på denna enhet behövs ett godkännande av  språk-cookie.",
  "allow-cookies-button": "Godkänn språk-cookie",
  "change_language": ""
}

PreviousUser name & password NextOTP validator

User lookup

Provides a single field of input for user to enter an identifier.

Configuration

Authenticator type: UserLookup

Common Authenticator configuration can be found here.

Name

Description

Default value

Mandatory

pipe_id

Name of pipe used for validation

N/A

allowed_retries

Allowed number of times a user is allowed to enter OTP before process is aborted.

webroot_dir

See common authenticator configuration

web/authenticator/user_lookup

{
    "id": "uidlookup",
    "type": "UserLookup",
    "config": {
        "base_path": "/saml/authn",
        "pipe_id": "finduser",
        "webroot_dir": "web/authenticator/user_lookup"
    }
}

Property base_path should not contain the full path when used in conjunction with the Selector, instead, the full URI will be handled by the selector. The full path will be base_path + / + id.

Logging

Apart from system logging, event logging is done when completing and failing a transaction.

Event ids are:

WEB_100024("Performed user lookup")
- IDENTIFIER (user trace id)
- CUSTOMER_IDENTIFIER (if configured)
- SOURCE_USER_NAME (username entered by the user)
- SOURCE_ADDRESS (ip of the remote session)
WEB_100025("User lookup failed")
- IDENTIFIER (user trace id)
- CUSTOMER_IDENTIFIER (if configured)
- SOURCE_ADDRESS (ip of the remote session)
- SOURCE_USER_NAME (username entered by the user)

Data sent to validation pipe

On validation, data sent to the pipe is:

identifier - the username provided by the user

Data exposed to global state

After a user completes a transaction, the authenticator is marked as done. Data from the authentication response is then put into the global state replacing existing values:

username

API

Starting an authentication

Start by sending in a Ajax request containing identifier & password:

{
    "type": "start",
    "data": {
        "identifier": "<user_data>"
    }
}

The response back will contain either a COMPLETED or ERROR:

{
    "status": "COMPLETED"
}

Translation keys

{
  "user_lookup.identifier": "Username",
  "user_lookup.start_authentication": "Sign in",
  "user_lookup.authentication_verified": "Identity verified",
  "user_lookup.redirecting": "Redirecting...",
  "user_lookup.cancel": "Cancel",
  "user_lookup.ERROR": "Wrong username or password.",
  "allow-cookies-body": "To save your language settings on this device you need to approve a language cookie.",
  "allow-cookies-button": "Approve language cookie",
  "change_language": ""
}

{
  "user_lookup.identifier": "Användarnamn",
  "user_lookup.start_authentication": "Logga in",
  "user_lookup.authentication_verified": "Identitet verifierad",
  "user_lookup.redirecting": "Omdirigerar...",
  "user_lookup.cancel": "Avbryt",
  "user_lookup.ERROR": "Felaktigt användarnamn eller lösenord",
  "allow-cookies-body": "Vill du spara dina språkinställningar på denna enhet behövs ett godkännande av  språk-cookie.",
  "allow-cookies-button": "Godkänn språk-cookie",
  "change_language": ""
}

PreviousUser name & password NextOTP validator