OATH Registration widget

Definition

The OATH registration widget is used to provision the shared secret key between an OTP generator (such as Google Authenticator) and the verification server (AM server).

It is a standalone widget that requires a host feature of type "self" or an object feature where the object is the current subject.

Typically used in a UI_FOR_OBJECT feature of type "self".

The user is presented with a screen that invites him to proceed to a "One Time Password" registration. He can click the store links to obtain the recommended application (Google Authenticator, MS authenticator etc.).

Upon pressing on continue, a QR code is presented to the user, encoding the shared secret. The user must use his application (like Google Authenticator) to scan the QR code.

After registering the QR code, the user needs to provide a valid TOTP code in the field at the bottom using his application. If the code is correct the user will be informed that the registration is complete.

Configuration

Properties

The widget has no mandatory properties.

Example

CODE

<widget id="oath-registration-widget" xsi:type="ctdbum:OATHRegistrationWidgetType">
     <hidden>false</hidden>
     <config>
        <bordered>false</bordered>
        <title>true</title>
        <displayWizardSteps>false</displayWizardSteps>
        <displayWizardProgressBar>true</displayWizardProgressBar>
    </config>
</widget>

Feature Example

A full feature example

CODE

<?xml version="1.0" encoding="UTF-8"?>
<kit:DataSet xmlns:ctd="http://www.memority.com/citadel/1_0" xmlns:ctdbpmn="http://www.memority.com/citadel/bpmn/1_0" xmlns:ctdbum="http://www.memority.com/citadel/bum/1_0" xmlns:ctdcore="http://www.memority.com/citadel/core/1_0" xmlns:ctdidm="http://www.memority.com/citadel/idm/1_0" xmlns:ctdrep="http://www.memority.com/citadel/rep/1_0" xmlns:ctdrule="http://www.memority.com/citadel/rule/1_0" xmlns:ctdtnt="http://www.memority.com/citadel/tnt/1_0" xmlns:kit="http://www.memority.com/toolkit/1_0" xmlns:rule="http://www.memority.com/toolkit/rule/1_0" xmlns:ruleaddon="http://www.memority.com/toolkit/addons/rule/1_0" xmlns:search="http://www.memority.com/toolkit/search-expression/1_0" xmlns:settings="http://www.memority.com/toolkit/addons/settings/1_0" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
   <ctdbum:FeatureConfiguration id="test_oath-registration">
      <createdAt>2021-12-16T08:29:40.574Z</createdAt>
      <updatedAt>2021-12-16T08:58:29.402Z</updatedAt>
      <name>oath-registration</name>
      <description>Register user with OATH key</description>
      <type>UI_FOR_OBJECT</type>
      <scope type="EXPRESSION" objectKind="IDENTITY">
         <searchExpression/>
         <objectTypes>
            <objectType>test_identityType_employee</objectType>
         </objectTypes>
      </scope>
      <options>
         <formLabelOnTop>false</formLabelOnTop>
         <pendingOperationBehaviour>WARN</pendingOperationBehaviour>
         <submit>
            <reportDisplay>DISPLAY_ALL</reportDisplay>
         </submit>
      </options>
      <screen>
         <views>
            <view id="oath-registration-view-1">
               <description></description>
               <icon>fa fa-user</icon>
               <sections>
                  <section id="oath-registration-section-1">
                     <layout>SINGLE</layout>
                     <columns>
                        <column>
                           <widgets>
                              <widget id="oath-registration-widget" xsi:type="ctdbum:OATHRegistrationWidgetType">
                                 <hidden>false</hidden>
                                 <displayOptions>
                                    <modalSize>SM</modalSize>
                                 </displayOptions>
                                 <config>
                                    <bordered>false</bordered>
                                    <title>true</title>
                                    <displayWizardSteps>false</displayWizardSteps>
                                    <displayWizardProgressBar>false</displayWizardProgressBar>
                                 </config>
                              </widget>
                           </widgets>
                        </column>
                     </columns>
                  </section>
               </sections>
            </view>
         </views>
         <frame>
            <actions/>
            <collapsible>false</collapsible>
            <display>PORTLET</display>
            <initiallyCollapsed>false</initiallyCollapsed>
            <title>false</title>
         </frame>
      </screen>
      <authentication>
         <authenticationLevelComparison>MINIMUM</authenticationLevelComparison>
      </authentication>
      <operations/>
      <operationOnSelf>true</operationOnSelf>
   </ctdbum:FeatureConfiguration>
</kit:DataSet>

Read Next

Search Widgets — Allows to perform search on objects and to create a result table.

List Widget — Allows to display a list of results (external or internal data).

Roles Widgets — Allows to manage all functionalities about roles (assignment, request, dashboard, dimensions...).

Password Widgets — Allows to manage password for Identities (generate a password according to several criteria, reset password).

Button Widgets — Allows to display button in order to redirect the user to another feature.

MFA Widgets — Allows to enroll and manage MFA devices.

Webauthn Widgets — Allows to enroll and manage Webauthn devices.

Separator Widget — Allows to separate several widgets on a feature.

OATH Registration widget — Allows to provision the shared secret key between an OTP generator (such as Google Authenticator) and the verification server (AM server).

OTP Widgets — Allows to enroll and manage OTP addresses

Workflow History Widget — Allows to display pending workflows history launched from a Feature

Reporting Widgets

User Devices Widget — Used to allow users or admin to list, rename or delete devices.

App Dashboard Widget

Audit Report Widget — Allows to display audit events on object types.

Schedule Report Widget — Allows to display pending operations on object types.

Proxy Widget — Allows to reference a widget from another Feature and make it act as if it was communicating with this original Feature.

Dashboard Widget — Allows to display dashboard items configured from other widgets

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.