KOBIL Configure ACR
KOBIL Configure ACR
This execution contains the following main steps:
- To verify and validate the token and set user in context.
- To extract the expected step-up ACR value from the scope and current ACR value of the user from token and setting both of them in session.
- It will get succeeded only the expected step-up ACR value is greater than the current ACR value.
Type
| Protocol | OpenID Connect 1.0 |
|---|---|
| HTTP method | GET |
| Type | Browser Flow |
| Endpoint | Authorization Endpoint |
| Flow Supported | Authorization code flow Implicit flow Hybrid flow |
| Response | ID Token, Access Token, Refresh Token |
| Response Mode | query, form_post, fragment |
How to configure
To access the config of the execution press the Actions button and select Config. The authenticator configuration screen will appear. Then enter your config data.
Configuration
Parameters involved in KOBIL Verify Password execution
| Parameter | Description |
|---|---|
| ID | Unique system UUID, which will be assigned automatically. |
| Alias | Provide an alias name for the configuration to be set. (Example: ACR 1) |
| Authentication Flow Type | Type of flow for which the authenticator is used. (Example: Step-Up) |
User Flow
Execution Flow
This execution contains the following main steps:
-
The execution is basically a conditional execution, which needs scope and token, astClientId as input from the header, in which the token should contain ACR and AMR values
-
If the expected step-up ACR value is greater than the current ACR value of the user, then the flow will move to the next execution otherwise, the flow gets succeeded.
-
This execution will be used only for Step-Up flow.