AST Login
AST Login
The main task of this execution is to perform Actions configuration on AST services.
Type
| Protocol | OpenID Connect 1.0 |
|---|---|
| HTTP method | GET |
| Type | Browser Flow |
| Endpoint | Authorization Endpoint |
| Flow Supported | Authorization code flow Implicit flow Hybrid flow |
| Response | ID Token, Access Token, Refresh Token |
| Response Mode | query, form_post, fragment |
How to configure
To access the config of the execution press the Actions button and select Config. The authenticator configuration screen will appear. Then enter your config data.
Configuration
Parameters involved in AST Login execution
| Parameter | Description |
|---|---|
| Alias | Display name of configuration, which occurs in authentication flow. (Example: AST Login) |
| Action | Select the action which the authenticator should perform. |
| MLoA | Select MLoA value for the user. |
| AST Client ID Optional | Enable to make AST Client ID optional for AST activation. |
| Set hidden first factors | Enable to set user attribute hidden_first_factor_{astClientId} as password after activation. |
| Read AST Client ID and Client Data from session | Enable to always read AST Client ID and Client Data from session. |
| Prompt user before unbind all | If enabled it will request for confirmation before unlinking the device(s) in Confirmation screen. If disabled it will unlink without Confirmation screen. |
| JSON Script | To display the prompt information in JSON Headless V2 theme, when Prompt user before unbind all is enabled. |
User Flow
Execution Flow
This execution contains the following main steps:
- AST Login must be preceded by 1FA since it procures a user's identity validation from this precedent Authenticator. For instance: KOBIL Username Password Form.
- The AST Login authenticator will perform actions (login, activate, etc) based on the configs, it provides support for the AST service.