Skip to main content

KOBIL eTAN

KOBIL eTan

The main task of this execution is to verify the email and also support AST Service as well as SSMS based installations.

Type

ProtocolOpenID Connect 1.0
HTTP methodGET
TypeBrowser Flow
EndpointAuthorization Endpoint
Flow SupportedAuthorization code flow
Implicit flow
Hybrid flow
ResponseID Token, Access Token, Refresh Token
Response Modequery, form_post, fragment

How to configure

To access the config of the execution press the Settings button and select Config. The authenticator configuration screen will appear. Then enter your config data.

KOBIL eTan

Configuration

Parameters involved in KOBIL eTan execution
ParameterDescription
IDUnique system UUID, which will be assigned automatically to record in a database.
AliasName for the overall configured configurations which occurs in particular authenticator.(Example: Email Confirmation)
Authentication Flow TypeType of flow for which the authenticator is used. (Example: Reset-credentials)
User Identity attributeUser property to identify the user for login validation. Default : Email.
User AttributeUser attribute value selected for login validation. This should be set only if the User Identity Attribute value is "user attribute".
Enable Password CheckIf enable this will turn on password verification against IDP Provider credentials.
Invalid User ID messageMessage to be displayed when the user ID is invalid or user not found.
Invalid credentials messageMessage to be displayed when the user credentials invalid. For default invalid username or password.
User disabled messageMessage to be displayed when the user is disabled. Default Message: User is currently disabled, please contact admin.
ACR valueThis ACR value will be set in the end, if verification succeeds
AMR valueThis AMR value will be set in the end, if verification succeeds
Show Success Popup ScreenEnable to show success popup in the flow.
Success Popup TitleText wil be displayed in the success popup title.
Success Popup DescriptionText wil be displayed in the success popup body.
Email Verification Code LengthLength of the Email Verification code. The default value is 6.
Email Verification Code TTLProvide the validity of the verification code. (Example: for days 2d, for hours 2h, for secs 2s.) Default value is 1h.
Email OTP Expired MessageMessage to be displayed when the user enters expired OTP.
Show Email ConfirmationEnable to show email confirmation view.
Allow non-existent userIf enabled, non-existent user will not get blocked instead the user will be redirected to OTP page to not reveal whether the user has an account.
JSON ScriptJSON to display inputs in Headless V2 theme.

Parameter specific to Bruteforce feature

ParameterDescription
Retry Attempt ExceededTo display the retry exceeded message along with the timer.
User temporarily locked messageMessage to be displayed when the user is temporarily locked. Example: User is temporarily locked for %time% minutes.
Reset Bruteforce failure countIf enabled the Bruteforce failure count will be set to 0 on successful login.

Parameter specific to Resend OTP Bruteforce feature

ParameterDescription
OTP temporarily locked messageMessage to be displayed when the OTP resend option is temporarily locked.
Reset OTP Bruteforce failure countEnable to reset OTP Brute Force failure count on successful login. It is disabled by default.
REG Enable Session OTP brute forceEnable the Session OTP brute force. Enabled only for the Registration flow.
REG Max Session OTP ResendNumber of re-tries a user is allowed to do. (Example: 10, Default: 5). Used only in the Registration flow.
REG Max Session OTP ResendNumber of re-tries a user is allowed to do. (Example: 10, Default: 5). Used only in the Registration flow
REG Wait IncrementWait time (in seconds) for the user, if the user gets locked. (Example: 3600, Default: 5). Value has to be in seconds.
Resend Interval DurationEnter the duration for for Resend code interval.

KOBIL eTan

User Flow

Execution Flow

This execution contains the following main steps:

  1. KOBIL eTan must be preceded by another authenticator since it procures a user from this precedent Authenticator. For instance: KOBIL Configure User Identity for user identification. This execution will be used in the registration flow.
KOBIL eTan