Login
    Contenu x
    Integration of User Login with one-time password (OTP)
    • 22 Oct 2024
    • 1 Minute à lire
    • Sombre
      Lumière
    Contenu

    Integration of User Login with one-time password (OTP)

    • Mis à jour le 22 Oct 2024
    • 1 Minute à lire
    • Sombre
      Lumière
    The content is currently unavailable in French. You are viewing the default English version.
    Résumé de l’article

    OneSpan Cloud Authentication enables users to login to your web application and validate events by generating an one-time password (OTP). An authenticator (hardware or software) that supports the generation of Response-Only- or 1-step Challenge/Response-OTPs is provisioned for the user.

    During the allocation of the authenticator, hardware authenticators can be defined to use Response-Only-, Challenge/Response-, or time-based OTPs, and can be modified on an as-needed basis.

    User authentication with a Response-Only- or time-based OTP is integrated with a login request. For user authentication with a 1-step Challenge/Response-OTP, you need to provide an OTP and the related challenge to the Authentication component with an event validation request.

    To integrate user authentication with an OTP

    • Issue a login request via the POST /users/{userid@domain}/login endpoint:

      • Method: POST

      • Payload:

        • objecttype: “LoginInput”

        • credentials.authenticator.OTP

        • (Optional) credentials.authenticator.challenge

    For a Response-Only authentication, the user initiates the login process and provides the Response-Only (RO) OTP generated by their authenticator. OneSpan Cloud Authentication validates the OTP and authenticates the user.

    For a 1-step Challenge/Response authentication, the client application generates a custom challenge. This challenge is displayed to the user on the login page. The user enters it into their authenticator and enters the response, e.g. an OTP, on the login page.

    Sequence of a login operation in synchronous login mode with Response-Only OTP

    Before starting the operation, ensure the correct state of the user account by validating the output of the GET /users/{userID@domain} endpoint.

    1. The user initiates the login operation which triggers the client application to send a login request This request includes the following parameters:

      • authenticator user

      • authenticator domain

      • Response-Only OTP (for authentication with Response-Only OTP

      • challenge (for authentication with 1-step Challenge/Response OTP)

      • Challenge/Response OTP (for authentication with 1-step Challenge/Response OTP)

    2. The web service validates the OTP.

      1. OneSpan Cloud Authentication returns the validation result of the OTP.

      2. The Login service forwards the validation result to the web service.

    3. The client application checks the status of the login request with the web service.

    4. The web service returns to the client application that the authentication has been successful.

    Cet article vous a-t-il été utile ?
    What's Next
    Change password!
    Changing your password will log you out immediately. Use the new password to log back in.
    Change profile
    Success!
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.
    Logout
    ESC

    Ozzy, facilitant la découverte de connaissances grâce à l’intelligence conversationnelle