KOBIL Phone Verification
KOBIL Phone Verification
This execution has the following main tasks:
- To collect and verify the phone number of the user, if the phone number is not available.
- To verify the phone number of the user, if the phone number is already available.
Type
| Protocol | OpenID Connect 1.0 |
|---|---|
| HTTP method | GET |
| Type | Browser Flow |
| Endpoint | Authorization Endpoint |
| Flow Supported | Authorization code flow Implicit flow Hybrid flow |
| Response | ID Token, Access Token, Refresh Token |
| Response Mode | query, form_post, fragment |
How to configure
To access the config of the execution press the Settings button and select Config. The authenticator configuration screen will appear. Then enter your config data.
Configuration
Parameters involved in KOBIL Phone Verification execution
| Parameter | Description |
|---|---|
| ID | Unique system UUID, which will be assigned automatically to record in a database. |
| Alias | Name for the overall configured configurations which occurs in particular authenticator.(Example: Phone Verification) |
| Authentication Flow Type | Type of flow for which the authenticator is used. (Example: Login). |
| Enter if phone is verified | Proceeds for authentication only if the phone number is verified. |
| Phone Verification Code Length | Length of the SMS code. The default value is 6. |
| Phone Verification Code TTL | Provide the validity of the verification code. (Example: for days 2d, for hours 2h, for secs 2s.) Default value is 1h. |
| Show Phone Confirmation | Enable to show phone confirmation view. |
| Get user by Phone Number | Enable to fetch user with phone number. |
| Query User From | Query the user based on username or user attribute(phone_number) from the dropdown. |
| Select Default Region Code | the default displaying national flag in Phone Number page can be selected |
| Ask phone number everytime if not verified | Enable to ask phone number untill verified. |
| Template of text to send to the user | Add phone message template, following attributes are supported {first_name}, {last_name}, {code}, and {expiration}. |
| ACR value | This ACR value will be set in the end, if verification succeeds. |
| AMR value | This AMR value will be set in the end, if verification succeeds. |
| JSON Script | JSON to display inputs in Headless V2 theme. |
Parameter specific to Resend OTP Bruteforce authenticator
| Parameter | Description |
|---|---|
| Resend Interval Duration | Time duration for resend code interval. |
| Retry Attempt Exceeded | To display the retry exceeded message along with the timer. |
User Flow
Execution Flow
This execution contains the following main steps:
- KOBIL Phone Verification must be preceded by another authenticator since it procures a username from this precedent authenticator. For instance: KOBIL Login for user identification.
- The OTP will be sent to the phone number which we entered, once the user enters the valid OTP, the user phone number will be added on successful authentication.