OATH Device Storage node
The OATH Device Storage node stores devices in the user profile after an OATH Registration node records them in the shared state.
Compatibility
Product | Compatible? |
---|---|
ForgeRock Identity Cloud |
Yes |
ForgeRock Access Management (self-managed) |
Yes |
ForgeRock Identity Platform (self-managed) |
Yes |
Authenticators
The OATH-related nodes can integrate with the following authenticator apps:
-
The ForgeRock Authenticator app for Android and iOS.
-
Third-party authenticator apps that support the following open standards:
Inputs
This node reads the device profile as the value of the shared state attribute oathDeviceProfile
.
Dependencies
Precede this node in the flow with an OATH Registration node with its Store device data in shared state setting enabled.
Errors
This node logs a No device profile found on shared state
error message
if it can’t get the device profile from the oathDeviceProfile
shared state attribute.
Example
The following journey includes both username-password and one-time passcode authentication:
-
The Page node with the Platform Username node and the Platform Password node prompts for the user credentials.
-
The Data Store Decision node confirms the username-password credentials.
-
The first OATH Token Verifier node prompts for a one-time passcode with an option to use a recovery code.
-
The OATH Registration node prompts the user to register a device and includes its profile in the shared state.
-
The Recovery Code Display node shows the recovery codes and prompts the user to keep them safe.
-
The second OATH Token Verifier node prompts for a one-time passcode using the newly registered device.
-
The OATH Device Storage node writes the device profile to the user’s account.
-
The Recovery Code Collector Decision node prompts for a recovery code.
-
The Retry Limit Decision node lets the user retry another code if they enter one incorrectly.