Virtual Mobile Authenticator OTP Request Website

The following form fields must be used on the Virtual Mobile Authenticator OTP Request Website and posted to the servlet (action="web"):

Virtual Mobile Authenticator OTP Request form fields

Form field name	Visible label	Description
username	User Name	Required. The user name for logging on to Virtual Mobile Authenticator OTP Request Website. The maximum length is 255 characters.
password	Password	Required. For primary Virtual Mobile Authenticator: The password for logging on to Virtual Mobile Authenticator OTP Request Website. For backup Virtual Mobile Authenticator: The password for logging on to Virtual Mobile Authenticator OTP Request Website and/or a keyword. The maximum length is 128 characters.
commit	Request OTP	Required. The button to submit data entered by the user to OneSpan Authentication Server.
replay_token	<hidden>	Required. Internally used form field to prevent re-transmission of form data.

Virtual Mobile Authenticator OTP request process

1. The user navigates to the Virtual Mobile Authenticator OTP Request Website.
2. The user enters their user name.

3. The user enters their password:

   • For primary Virtual Mobile Authenticator, the normal static password is used.

   • For backup Virtual Mobile Authenticator, a keyword, the static password, or a combination of both is used.

4. The user clicks Request OTP.
5. The one-time password is sent to the user's mobile phone or email.