AM 7.3.2

Recovery Code Collector Decision node

Lets users authenticate with a recovery code provided when registering a device for multi-factor authentication.

Use this node for a flow that includes push notifications or one-time passwords. When the user loses their registered device, they can use a recovery code as an alternative method for authentication. For more information on viewing the recovery codes when registering a device, refer to Register the ForgeRock Authenticator for multi-factor authentication.

Outcomes

  • True

  • False

Evaluation continues along the True outcome path if the provided recovery code matches one belonging to the user. To determine whether the provided code belongs to the user, the shared state must include the username. You can obtain this using a Username Collector node.

If the recovery code does not match, or a username has not been acquired, evaluation continues along the False outcome path.

Properties

Property Usage

Recovery Code Type

Specify the type of recovery code the user will submit for verification.

Default: OATH