ForgeRock OpenAM Multi Factor Authentication Using Adaptive Risk Authentication Module & OTP

In this episode, you’ll see ForgeRock OpenAM’s two factor authentication feature employing it’s Adaptive Risk Authentication Module instance and HOTP module instance

So in the video demonstration that follows this post, you’ll see a user attempting to login against an Authentication Chain (say ‘MyAuthChain’) which has three module instances namely (i) Data Store, (ii) Adaptive Risk and (iii) HOTP. If the user is able to supply the right credentials against the Data Store, he or she is allowed in without any further challenge. On the other hand, if the the attempt to authenticate against the first Module instance (Data Store) fails, then the user is prompted for additional credentials like One Time Password.

The following illustration might give a rough idea on the what’s discussed above and the video that follows might make it pretty clear.

MultiFactorAuthentcation

Enjoy!

This blog post was first published @ www.fedji.com, included here with permission.

1 Comment

Comments are closed.

  1. Spartan1987 3 years ago

    Is there a way we can map or change the Email to any custom attribute that needs to be fetched for HOTP. I am getting the issue as unable to fetch email of the loginid. Couldnt find much info in the Documentation.
    First datastore authenticates & HOTP sending fails.

©2019 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?