KOBIL Configure ACR
KOBIL Configure ACR
This execution contains the following main steps:
- To verify and validate the token and set user in context.
- To extract the expected step-up ACR value from the scope and current ACR value of the user from token and setting both of them in session.
- It will get succeeded only the expected step-up ACR value is greater than the current ACR value.
Type
Protocol | OpenID Connect 1.0 |
---|---|
HTTP method | GET |
Type | Browser Flow |
Endpoint | Authorization Endpoint |
Flow Supported | Authorization code flow Implicit flow Hybrid flow |
Response | ID Token, Access Token, Refresh Token |
Response Mode | query, form_post, fragment |
How to configure
To access the config of the execution press the Settings
button and select Config
. The authenticator configuration screen will appear. Then enter your config data.
Configuration
Parameters involved in KOBIL Verify Password execution
Parameter | Description |
---|---|
ID | Unique system UUID, which will be assigned automatically to record in a database. |
Alias | Name for the overall configured configurations which occurs in particular authenticator. (Example: ACR 1) |
Authentication Flow Type | Type of flow for which the authenticator is used. (Example: Step-Up) |
User Flow
Execution Flow
This execution contains the following main steps:
-
The execution is basically a conditional execution, which needs scope and token, astClientId as input from the header, in which the token should contain ACR and AMR values
-
If the expected step-up ACR value is greater than the current ACR value of the user, then the flow will move to the next execution otherwise, the flow gets succeeded.
-
This execution will be used only for Step-Up flow.