Authentication Level

In Onegini IDP it is possible to specify required user authentication level. Depending on required authentication level the user may be requested to perform step-up authentication. For example in order to access resource, the user may be requested to authenticate with password and SMS code. Service provider can be configured in Onegini IDP to require specific authentication level. Service Provider can override it by using authentication_level request param. The following is authentication request example: http://idp.com/saml/single-sign-on?authentication_level=3.