Skip to main content

KOBIL Username Password Form

KOBIL Username Password Form

This execution has the following main tasks

  • To validate user existence on IDP Provider.
  • To verify password against credentials stored in IDP Provider.

Type

ProtocolOpenID Connect 1.0
HTTP methodGET
TypeBrowser Flow
EndpointAuthorization Endpoint
Flow SupportedAuthorization code flow
Implicit flow
Hybrid flow
ResponseID Token, Access Token, Refresh Token
Response Modequery, form_post, fragment

How to configure

To access the config of the execution press the Settings button and select Config . The authenticator configuration screen will appear. Then enter your config data.

KOBIL Username Password Form flow

Configuration

Parameters involved in KOBIL Username Password Form execution
ParameterDescription
IDUnique system UUID, which will be assigned automatically to record in a database.
AliasName for the overall configured configurations which occurs in particular authenticator.(Example: 1fa)
Invalid Credentials MessageMessage to be displayed when the user credentials invalid. For default invalid username or password.
User Disabled MessageMessage to be displayed when the user is disabled. Default Message: User is currently disabled, please contact admin.
Time UnitSelect the Time unit in which the user lock duration must be displayed.
User Alias AttributeUser attribute value selected for login validation.
Verify Secret PasswordEnable to verify the secret password.
Header on filtering secret credential ID, when Verify Secret Password is enabledThe data in the specified header will be appended with credential ID to verify the secret password.
Registration URLThe Registration URL to be assigned for user registration link. If not specified, default registration auth flow is assigned.
Reset Credentials URLThe Reset Credentials URL to be assigned for Forgot Login Detail link. If not specified, default reset credentials auth flow is assigned.
Display Remaining AttemptsEnable to showcase the remaining credential input attempts before the user gets locked out due to Brute Force.
JSON Script JSON to display inputs in Headless V2 theme.
JSON Error Script JSON to display the error messages in Headless V2 theme.
Enable Metrics Enable the metrics which are specific to the current authenticator to expose in metrics endpoint.
Custom Metrics NameName of the metrics under which specific authenticator metrics will be exposed.
Custom Metrics descriptionDescription about the custom metrics.

Parameter specific to Bruteforce feature

ParameterDescription
Temporarily locked messageMessage to be displayed when the user is temporarily locked. Example: User is temporarily locked for %time% minutes.
Display Remaining AttemptsEnable to showcase the remaining credential input attempts before the user gets locked out due to Brute Force.

KOBIL Username Password Form flow

User Flow

Execution Flow

This execution contains the following main steps:

  1. User provides username and password.
  2. Execution verifies if the username exists on IDP Provider and password exists on the IDP Provider.
    2a. If the user does not exist or if credentials are incorrect -> The user will be redirected back to the username and password verification screen, (camouflage not to give away that user does not exist) -> Login won’t happen, since the user doesn’t exist.
KOBIL Username Password Form flow