One Time Passcode Configuration

From idenprotect Knowledge Base

If you have not made any configuration changes yet, please see How to make configuration changes

Introduction

One Time Code is sometimes shortened to OTC or OTP (One Time Passcode).

One Time Codes can be used as an additional step in the enrollment process. You can specify that a User must also enter a special One Time Passcode to complete the process by navigating to User Enrollment Policies and setting Activation Required? to true. This code will be emailed to the User during the enrollment process.

One Time Codes can also be used as an authentication method. More details here: One Time Passcode

You can configure the One Time Codes to be delivered via SMS - more details can be found below.

Configuring One Time Codes

This configuration can be found in:

  • One Time Passcode Configuration section in the idenprotect Core Platform Admin Console CONFIG Tab
  • Server file system in /etc/idenprotect/otp.properties

Parameters for One Time Code

| Parameter in Config Tab | Parameter in Properties File | Description |
| --- | --- | --- |
| Time Step in Seconds | totp.time.step.interval.in.seconds | How long a passcode is valid for |
| Time Step Window | totp.time.step.window | Allowed time slip between client and server |
| Time based passcode length | truncate.totp.to.number.of.digits | How many digits the passcode should be |
| Mac Algorithm | otp.mac.algorithm | The algorithm for passcode generation (defaulted to HmacSHA1) |
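
How the four parameters above interact, shown as an added example: a generic RFC 6238 TOTP check in Python, not idenprotect's own code. It assumes Time Step Window counts the time steps accepted either side of the server's current step, which this page does not define; the secret is the published RFC 6238 test key and the function names are illustrative.

```python
import hashlib
import hmac
import struct

# JCA-style names, as used for otp.mac.algorithm, mapped to hashlib names.
# Only HmacSHA1 appears on this page; the other two are from RFC 6238.
MAC_ALGORITHMS = {"HmacSHA1": "sha1", "HmacSHA256": "sha256", "HmacSHA512": "sha512"}

# RFC 6238 test secret for SHA-1 (sample value, never a real enrollment secret).
RFC6238_SECRET = b"12345678901234567890"


def totp(secret, unix_time, step=30, digits=6, mac="HmacSHA1"):
    """Passcode for the time step that contains unix_time."""
    counter = struct.pack(">Q", unix_time // step)        # time step interval
    digest = hmac.new(secret, counter, MAC_ALGORITHMS[mac]).digest()
    offset = digest[-1] & 0x0F                            # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)        # truncate to N digits


def verify(secret, candidate, unix_time, step=30, window=1, digits=6, mac="HmacSHA1"):
    """Accept a code from `window` steps either side of the server's step (assumed meaning)."""
    for drift in range(-window, window + 1):
        t = unix_time + drift * step
        if t < 0:
            continue                                      # no time step before the epoch
        if hmac.compare_digest(totp(secret, t, step, digits, mac), candidate):
            return True
    return False


def acceptance_seconds(step, window):
    """Total time one passcode stays acceptable to the server under that meaning."""
    return (2 * window + 1) * step


if __name__ == "__main__":
    code = totp(RFC6238_SECRET, 1111111109, digits=8)
    print(code, verify(RFC6238_SECRET, code, 1111111111, digits=8, window=1))
    print(acceptance_seconds(30, 1), "seconds")
```

Under that assumption a passcode is accepted for (2 × window + 1) × step seconds, so raising either value lengthens the period in which a disclosed code still works.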

Configuring One Time Code Messages

This configuration can be found in:

  • One Time Code Message Configuration section in the idenprotect Core Platform Admin Console CONFIG Tab
  • Server file system in /etc/idenprotect/message.properties

Parameters for One Time Passcode

| Parameter in Config Tab | Parameter in Properties File | Description |
| --- | --- | --- |
| Message Provider | message.sender.name | The SMS service provider / gateway; needs to match the class name of the SMS connector |
| Message Gateway URL | message.sender.url | URL where message requests need to be sent |
| Account Username | message.sender.username | Username of the SMS provider account |
| Account Password | message.sender.password | Password for the SMS provider account |
| One Time Code Message Text | message.sender.string | Text of the message to be sent to the User that contains their One Time Code; {otc} will be replaced by the User's passcode |
| Destination Prefix | message.sender.destination.prefix.to.add | A prefix may need to be added to the destination, for example a country code |
| Destination Prefix to Remove | message.sender.destination.prefix.to.remove | A prefix may need to be removed from the destination, for example a leading 0 |
| Message Sender | message.sender.originator | The message will appear to have been sent by the originator; check your provider for valid values |
| Message Overwrite | message.sender.overwrite | If supported by the provider, this will enable a One Time Code message to overwrite a previous One Time Code message in the User's inbox |