Skip to main content

KOBIL Email Registration

KOBIL Email Registration

This execution has the following main tasks

  • To verify the email id of the user, if email id is already available.
  • To collect and verify the email id of the user, if email id is not available.

Type

ProtocolOpenID Connect 1.0
HTTP methodGET
TypeBrowser Flow
EndpointAuthorization Endpoint
Flow SupportedAuthorization code flow
Implicit flow
Hybrid flow
ResponseID Token, Access Token, Refresh Token
Response Modequery, form_post, fragment

How to configure

To access the config of the execution press the Actions button and select Config. The authenticator configuration screen will appear. Then enter your config data.

KOBIL Email Registration flow

Configuration

Parameters involved in KOBIL Login execution
ParameterDescription
IDUnique system UUID, which will be assigned automatically.
AliasDisplay name of configuration, which occurs in authentication flow. (Example: 1fa)
Force Email VerificationEnable to force email verification, even phone is already verified.
Email Verification Code LengthProvide the size of the verification code to be sent through email.
Disable Email Back ButtonDisable the back button in forgot password flow.
Email Verification Code TTLProvide the validity of the verification code. Default value is 1 hour.
Show Email ConfirmationEnable to show email confirmation view.
Email Retry DelaySet the time delay in seconds between each incorrect attempt. Default value is 5 seconds. Note: This time will be doubled with every consecutive attempt.
Use OTP Bruteforce Global SettingsEnable to implement the default IAM's OTP brute force logic.
Disable Email VerificationIf this is switched ON, email verification is temporarily suspended and carried out later as part of Required Actions.
Disable email editingEnable - email cannot be editied/modified. Disable - email can be editied/modified.

KOBIL Email Registration flow

User Flow

Execution Flow

This execution contains following main steps:

  1. KOBIL Email Registration must be preceded by another authenticator, since it procures username from this precedent authenticator. For instance: KOBIL Username Password Form for user identification.
  2. The OTP will be sent to the email which we entered, once the user enters the valid OTP, the user email will be added on successful authentication.
  3. Execution verifies the user email id when Email Verified is OFF and email_verified_timestamp is not present in User details.
    3a. If the user email id is available in IDP and `Email Verified` is **OFF** -> An OTP will be sent to the already existing user email id. User must provide the OTP in the login screen for verification. Login happens if the OTP is correct. On successful login, `email_verified_timestamp` must be added to the user.
    3b. If the user email id is not available in IDP and `Email Verified` is **OFF** -> The user will be asked to provide the email id during login, to which OTP needs to be sent. User must provide the OTP in the login screen for verification. Login happens if the OTP is correct. On successful login, `email_verified_timestamp` and `email_lastupdated_timestamp` must be added to the user.
    3c. If the user email id is available in IDP and `Email Verified` is **ON** -> An OTP will be sent to the already existing user email id. User must provide the OTP in the login screen for verification. Login happens if the OTP is correct. On successful login, `email_verified_timestamp` must be added to the user.
KOBIL Email Registration flow