Integration of User Login with Static Password

With OneSpan Cloud Authentication you can implement functionality for your users to log in to your web application with a static password. This static password can be either used during a given grace period or together with other types of one-time password (OTP)-based authentication.

The static password for the account is set at its creation and can be modified on an as-needed basis.

Sequence of a user login operation with static password

1. The user initiates the login operation and provides the static password.

2. The client application collects the static password.

3. The client application sends a login request and includes the following parameters to the Login service:

   • authenticator user

   • authenticator domain

   • static password

   • timeout

4. The web service validates the static password.

5. The web service returns that the static password validation has been successful.

6. The web service returns to the client application that the authentication has been successful.

You integrate user authentication with static password with a login request.

To integrate user authentication with static password

1. Issue a login request via the POST /users/{userid@domain}/login endpoint:

   • Payload:

     • objecttype: “LoginInput”

     • credentials.passKey