OATH Device Storage node
The OATH Device Storage node stores devices in the user profile after an OATH Registration node records them in the shared state.
Availability
| Product | Available? |
|---|---|
PingOne Advanced Identity Cloud |
Yes |
PingAM (self-managed) |
Yes |
Ping Identity Platform (self-managed) |
Yes |
Authenticators
The OATH-related nodes can integrate with the following authenticator apps:
-
The ForgeRock Authenticator app for Android and iOS.
-
Third-party authenticator apps that support the following open standards:
Inputs
This node reads the device profile as the value of the shared state attribute oathDeviceProfile.
Dependencies
Precede this node in the flow with an OATH Registration node with its Store device data in shared state setting enabled.
Errors
This node logs a No device profile found on shared state error message
if it can’t get the device profile from the oathDeviceProfile shared state attribute.
Example
The following journey includes both username-password and one-time passcode authentication:
-
The Page node with the Platform Username node and the Platform Password node prompts for the user credentials.
-
The Data Store Decision node confirms the username-password credentials.
-
The first OATH Token Verifier node prompts for a one-time passcode with an option to use a recovery code.
-
The OATH Registration node prompts the user to register a device and includes its profile in the shared state.
-
The Recovery Code Display node shows the recovery codes and prompts the user to keep them safe.
-
The second OATH Token Verifier node prompts for a one-time passcode using the newly registered device.
-
The OATH Device Storage node writes the device profile to the user’s account.
-
The Recovery Code Collector Decision node prompts for a recovery code.
-
The Retry Limit Decision node lets the user retry another code if they enter one incorrectly.