Integration of User Login with one-time password (OTP)
OneSpan Cloud Authentication enables users to login to your web application and validate events by generating an one-time password (OTP). An authenticator (hardware or software) that supports Response-Only OTP generation is provisioned for the user.
During the allocation of the authenticator, hardware authenticators can either be defined to use Response-Only or time-based OTPs, and can be modified on an as-needed basis.
You integrate user authentication with OTP with a login request.
To integrate user authentication with OTP
- Issue a login request via the POST /users/{userid@domain}/login endpoint:
- Method: POST
- Payload:
- objecttype: “LoginInput”
- credentials.authenticator.OTP
The user initiates the login process and provides the Response-Only (RO) OTP generated by their authenticator. OneSpan Cloud Authentication validates the OTP and authenticates the user.
Sequence of a login operation
-
The user initiates the login operation which triggers the client application to send a login request This request includes the following parameters:- authenticator user
- authenticator domain
- Response-Only OTP
-
The web service validates the Response-Only OTP.
- OneSpan Cloud Authentication returns the validation result of the OTP.
- The Login service forwards the validation result to the web service.
- The client application checks the status of the login request with the web service.
- The web service returns to the client application that the authentication has been successful.