With QR or "app-switch"

This authenticator expects users either scan a QR code or "app-switch".

Configuration

This is the configuration for the TaskViewAuthenticator

Authenticator type: TaskViewAuthenticator

Common Authenticator configuration can be found here.

Name Description Default value Mandatory

Name	Description	Default value
`internal_http_destination`	ID of the internal http client used to talk with backend.	"default"
`username_parameter`	Parameter to where the username is exported.	`"username"`
`server_api_url`	Address to the mobile server api module.	N/A
`timeout_seconds`	Time to live before the authenticator expires (0 is forever)	0
`task_form`	The task-form to be used in the authentication.	N/A

internal_http_destination

ID of the internal http client used to talk with backend.

"default"

username_parameter

Parameter to where the username is exported.

"username"

server_api_url

Address to the mobile server api module.

N/A

timeout_seconds

Time to live before the authenticator expires (0 is forever)

task_form

The task-form to be used in the authentication.

N/A

{
	"id": "myauth01",
	"type": "TaskViewAuthenticator",
	"config": 
	{
		"webroot_dir": "web/taskauthenticator",
		"server_api_url":"http://192.168.86.27:7001/mos",
		"require_chain": false,
		"timeout_seconds":120,
		"username_parameter":"username",
		"context_path" : "/login/authn/login",
		"success_location": "http://www.google.se",
		"failure_location": "/login/authn/login/logout",
		"cancel_location": "/login/authn/login/logout",
		"task_form":
		{
	    		"elements":
    			[
	      			{"id":"1","type":"label","value":"Confirm your login"},
	      			{"id":"2","type":"button_confirm","value":"Confirm"},
	      			{"id":"3","type":"button_reject","value":"Reject"}
	    		]
		}
	}
}

Logging

Apart from system logging, event logging is done when starting, completing, and failing a transaction.

Event ids are:

MOBILE_ID_100101("MobileID authentication started")
- IDENTIFIER (session trace id)
MOBILE_ID_100102("MobileID authentication completed")
- IDENTIFIER (session trace id)
- SOURCE_USER_NAME (user subject)
MOBILE_ID_100103("MobileID authentication rejected")
- IDENTIFIER (session trace id)
MOBILE_ID_100104("MobileID authentication canceled")
- IDENTIFIER (session trace id)
MOBILE_ID_100105("MobileID authentication expired")
- IDENTIFIER (session trace id)

Data exposed to global state

After a user completes a transaction, the authenticator is marked as done. Data from the authentication response is then put into the global state, replacing existing values:

"username_parameter" set to user subject

PreviousMobile ID NextHeader based