Scenario: User Login with Challenge/Response

This scenario uses the workflow tree illustrated in User login with Challenge/Response workflow tree.

User login with Challenge/Response workflow tree

Before you begin

Ensure that you have completed the steps described in Scenario: Offline user registration and Digipass activation.

Walkthrough: User login with Challenge/Response

Walkthrough: User login with Challenge/Response

1. Use the following URL to start the process:

   https://your_instance_url/openam/XUI/?realm=/&service=OneSpan-XUI-Cloud-Authentication-User-Login-Challenge-Response-Sample-Tree#login

   The ForgeRock login dialog is displayed.

2. Enter your user name.

   A Cronto image carrying the challenge code is displayed.

3. Launch the Mobile Authenticator Studio app and tap CR in the Applications list.

4. Verify your identity.            

   The app generates your response to the challenge.

5. Enter the OTP in the login dialog.

   The OCA Login service validates the OTP and returns the validation result. If the authentication has succeeded, the browser will be redirected to the success URL.

For more information about the user login process using Challenge/Response in general, see Integrate end-user login with Challenge/Response.

Additional considerations

The workflow tree uses the following sample nodes:

• OneSpan Sample Attributes Collector

• OneSpan Sample Error Display

The OneSpan Sample nodes are provided and included in the OneSpan Authentication for ForgeRock package for demonstration purposes only. You should not use these nodes in production environments, but replace them with your own node implementations.

Next steps

After completing this scenario, you can continue with Scenario: Offline transaction data signing.