KOBIL Email Registration
KOBIL Email Registration
This execution has the following main tasks
- To verify the email id of the user, if email id is already available.
- To collect and verify the email id of the user, if email id is not available.
Type
| Protocol | OpenID Connect 1.0 |
|---|---|
| HTTP method | GET |
| Type | Browser Flow |
| Endpoint | Authorization Endpoint |
| Flow Supported | Authorization code flow Implicit flow Hybrid flow |
| Response | ID Token, Access Token, Refresh Token |
| Response Mode | query, form_post, fragment |
How to configure
To access the config of the execution press the Settings button and select Config. The authenticator configuration screen will appear. Then enter your config data.
Configuration
Parameters involved in KOBIL Login execution
| Parameter | Description |
|---|---|
| ID | Unique system UUID, which will be assigned automatically to record in a database. |
| Alias | Name for the overall configured configurations which occurs in particular authenticator. (Example: 1fa) |
| Force Email Verification | Enable to force email verification, even phone is already verified. |
| Email Verification Code Length | Provide the size of the verification code to be sent through email. |
| Disable Email Back Button | Disable the back button in forgot password flow. |
| Email Verification Code TTL | Provide the validity of the verification code. Default value is 1 hour. |
| Show Email Confirmation | Enable to show email confirmation view. |
| Email Retry Delay | Set the time delay in seconds between each incorrect attempt. Default value is 5 seconds. Note: This time will be doubled with every consecutive attempt. |
| Disable Email Verification | If this is switched ON, email verification is temporarily suspended and carried out later as part of Required Actions. |
| Disable email editing | Enable - email cannot be editied/modified. Disable - email can be editied/modified. |
Parameter specific to Resend OTP Bruteforce authenticator
| Parameter | Description |
|---|---|
| Use OTP Bruteforce Global Settings | Enable to implement the default IAM's OTP brute force logic. |
User Flow
Execution Flow
This execution contains following main steps:
- KOBIL Email Registration must be preceded by another authenticator, since it procures username from this precedent authenticator. For instance: KOBIL Username Password Form for user identification.
- The OTP will be sent to the email which we entered, once the user enters the valid OTP, the user email will be added on successful authentication.
- Execution verifies the user email id when
Email Verifiedis OFF andemail_verified_timestampis not present in User details.
- 3a. If the user email id is available in IDP and `Email Verified` is **OFF** -> An OTP will be sent to the already existing user email id. User must provide the OTP in the login screen for verification. Login happens if the OTP is correct. On successful login, `email_verified_timestamp` must be added to the user.
- 3b. If the user email id is not available in IDP and `Email Verified` is **OFF** -> The user will be asked to provide the email id during login, to which OTP needs to be sent. User must provide the OTP in the login screen for verification. Login happens if the OTP is correct. On successful login, `email_verified_timestamp` and `email_lastupdated_timestamp` must be added to the user.
- 3c. If the user email id is available in IDP and `Email Verified` is **ON** -> An OTP will be sent to the already existing user email id. User must provide the OTP in the login screen for verification. Login happens if the OTP is correct. On successful login, `email_verified_timestamp` must be added to the user.