Mobile-login

When Onegini IDP is configured to work with Onegini's Token Server, it is possible to utilise Mobile Authentication functionality to enable end-users to login with their mobile devices.

mobile-login

Configuration

Properties

Mobile-login requires following properties to be configured:

  • IDP_MOBILE_AUTH_API_USERNAME
  • IDP_MOBILE_AUTH_API_PASSWORD
  • IDP_MOBILE_AUTH_API_URL
  • IDP_MOBILE_LOGIN_AUTH_TYPE
  • IDP_MOBILE_LOGIN_AVAILABILITY_AUTH_TYPE
  • IDP_MOBILE_LOGIN_MESSAGE

Optionally, in case you want to change the allowed number of login attempts for Mobile-login functionality please use IDP_MOBILE_LOGIN_ALLOWED_ATTEMPTS property.

Please refer to configuration properties description to get more information on how above should be configured.

Admin

In order to use mobile login functionality it needs to be enabled and configured within Onegini IDP admin panel (admin -> configutation -> identity providers). Configuration view contains below fields:

Field name Description
Mobile Login enabled Enables/disables mobile login.
LDAP configuration for mobile login LDAP attribute name that should be used as user identifier when communicating with Token Server.
Callback base URL Base URL of the callback to which Token Server is redirected after mobile login initialization. If left blank it will be resolved from request URL.

Usage

The user will be able to login with the mobile device when:

  • has coupled the account with the mobile app (which is using Onegini's Mobile SDK)
  • has enabled Mobile Authentication within the mobile app
  • has successfully logged in to Onegini IDP at least once having all other prerequisites met