KOBIL eTAN
KOBIL eTan
The main task of this execution is to verify the email and also support AST Service as well as SSMS based installations.
Type
Protocol | OpenID Connect 1.0 |
---|---|
HTTP method | GET |
Type | Browser Flow |
Endpoint | Authorization Endpoint |
Flow Supported | Authorization code flow Implicit flow Hybrid flow |
Response | ID Token, Access Token, Refresh Token |
Response Mode | query, form_post, fragment |
How to configure
To access the config of the execution press the Settings
button and select Config
. The authenticator configuration screen will appear. Then enter your config data.
Configuration
Parameters involved in KOBIL eTan execution
Parameter | Description |
---|---|
ID | Unique system UUID, which will be assigned automatically to record in a database. |
Alias | Name for the overall configured configurations which occurs in particular authenticator.(Example: Email Confirmation) |
Authentication Flow Type | Type of flow for which the authenticator is used. (Example: Reset-credentials) |
User Identity attribute | User property to identify the user for login validation. Default : Email. |
User Attribute | User attribute value selected for login validation. This should be set only if the User Identity Attribute value is "user attribute". |
Enable Password Check | If enable this will turn on password verification against IDP Provider credentials. |
Invalid User ID message | Message to be displayed when the user ID is invalid or user not found. |
Invalid credentials message | Message to be displayed when the user credentials invalid. For default invalid username or password. |
User disabled message | Message to be displayed when the user is disabled. Default Message: User is currently disabled, please contact admin. |
ACR value | This ACR value will be set in the end, if verification succeeds |
AMR value | This AMR value will be set in the end, if verification succeeds |
Show Success Popup Screen | Enable to show success popup in the flow. |
Success Popup Title | Text wil be displayed in the success popup title. |
Success Popup Description | Text wil be displayed in the success popup body. |
Email Verification Code Length | Length of the Email Verification code. The default value is 6. |
Email Verification Code TTL | Provide the validity of the verification code. (Example: for days 2d, for hours 2h, for secs 2s.) Default value is 1h. |
Email OTP Expired Message | Message to be displayed when the user enters expired OTP. |
Show Email Confirmation | Enable to show email confirmation view. |
Allow non-existent user | If enabled, non-existent user will not get blocked instead the user will be redirected to OTP page to not reveal whether the user has an account. |
JSON Script | JSON to display inputs in Headless V2 theme. |
Parameter specific to Bruteforce feature
Parameter | Description |
---|---|
Retry Attempt Exceeded | To display the retry exceeded message along with the timer. |
User temporarily locked message | Message to be displayed when the user is temporarily locked. Example: User is temporarily locked for %time% minutes. |
Reset Bruteforce failure count | If enabled the Bruteforce failure count will be set to 0 on successful login. |
Parameter specific to Resend OTP Bruteforce feature
Parameter | Description |
---|---|
OTP temporarily locked message | Message to be displayed when the OTP resend option is temporarily locked. |
Reset OTP Bruteforce failure count | Enable to reset OTP Brute Force failure count on successful login. It is disabled by default. |
REG Enable Session OTP brute force | Enable the Session OTP brute force. Enabled only for the Registration flow. |
REG Max Session OTP Resend | Number of re-tries a user is allowed to do. (Example: 10, Default: 5). Used only in the Registration flow. |
REG Max Session OTP Resend | Number of re-tries a user is allowed to do. (Example: 10, Default: 5). Used only in the Registration flow |
REG Wait Increment | Wait time (in seconds) for the user, if the user gets locked. (Example: 3600, Default: 5). Value has to be in seconds. |
Resend Interval Duration | Enter the duration for for Resend code interval. |
User Flow
Execution Flow
This execution contains the following main steps:
- KOBIL eTan must be preceded by another authenticator since it procures a user from this precedent Authenticator. For instance: KOBIL Configure User Identity for user identification. This execution will be used in the registration flow.