---
title: OOTB - Device Management - Main Flow
description: The OOTB - Device Management - Main Flow lets users view and manage the devices associated with their account. It can only be launched using the widget.
component: pingone-solutions
page_id: pingone-solutions:pingone-customers-passwordless:flow_reference/ciam_passwordless_ciam_pm_device_management
canonical_url: https://docs.pingidentity.com/pingone-solutions/pingone-customers-passwordless/flow_reference/ciam_passwordless_ciam_pm_device_management.html
revdate: May 31, 2024
section_ids:
  purpose: Purpose
  structure: Structure
  input-schema: Input schema
  output-schema: Output schema
  variables-and-parameters: Variables and parameters
---

# OOTB - Device Management - Main Flow

The OOTB - Device Management - Main Flow lets users view and manage the devices associated with their account. It can only be launched using the widget.

## Purpose

The OOTB - Device Management - Main Flow presents users with their current multi-factor authentication (MFA) *(tooltip: \<div class="paragraph">
\<p>An electronic authentication method where a user is granted access only after presenting two or more verification factors for authentication.\</p>
\</div>)* devices. It then presents the options for users to add new devices, change the name or status of existing devices, or remove an existing device.

## Structure

Diagram of the structure, as described below.

This flow is divided into sections using teleport nodes:

* **Check Pre-requisite for Device Management**

  Uses PingOne nodes to check for an existing session and retrieve user information. If MFA is enabled for the account, the flow progresses to the **Display User Devices** section. If MFA is not enabled, the flow progresses to the **Enable MFA** section.

* **Enable MFA**

  Displays a custom HTML template gives the user an option to enable MFA. If the user does so, a PingOne node enables MFA for the account and the flow progresses to the **Display User Devices** section.

* **Display User Devices**

  Uses a PingOne node to retrieve the user's known devices. If the user can add devices, a custom HTML template presents the user with device options. If the user selects **Add**, the flow progresses to the **Add Device** section. If the user selects **Done** or **Cancel**, the flow progresses to the **Return Success** section. If the user selects an existing device, the flow progresses to the **Update Device** section.

* **Add Device**

  Invokes the **CIAM-Passwordless-Protect-Device-Registration-Subflow** flow. It then progresses to the **Display User Devices** section if the addition was successful or canceled.

* **Update Device**

  Presents users with a custom HTML page showing options for a currently selected device. The **Save**, **Default**, and **Remove** options trigger PingOne nodes to save a new device name, set the current device as default, or remove the current device. The flow then progresses to the **Display User Devices** section.

* **Return Error**

  Displays an error message, then sends a JSON error response.

* **Return Success**

  Sends a JSON success message.

## Input schema

This flow has the following inputs.

| Input Name | Description                                              |
| ---------- | -------------------------------------------------------- |
| `username` | The username of the user whose profile is being updated. |

## Output schema

This flow has the following outputs.

| Output Name         | Description                                      |
| ------------------- | ------------------------------------------------ |
| `ciam_errorMessage` | The error message to display in the parent flow. |
| `ciam_errorCode`    | The error code to display in the parent flow.    |

## Variables and parameters

This flow uses the following variable or parameter values.

| Variable name                | Parameter name            | Description                                                                                |
| ---------------------------- | ------------------------- | ------------------------------------------------------------------------------------------ |
| `ciam_sessionLengthInMinute` | None                      | The number of minutes after which a session is no longer valid.                            |
| `ciam_logoStyle`             | None                      | The HTML style to use for your company logo.                                               |
| `ciam_logoUrl`               | None                      | The URL for your company logo.                                                             |
| `ciam_companyName`           | None                      | Displays the name of your company.                                                         |
| `isSmsOTPEnabled`            | `ciam_smsOtpEnabled`      | A boolean indicating whether one-time passcode using sms is enabled in your environment.   |
| `isEmailOTPEnabled`          | `ciam_emailOtpEnabled`    | A boolean indicating whether one-time passcode using email is enabled in your environment. |
| `isFidoPasskeyEnabled`       | `ciam_fidoPasskeyEnabled` | A boolean indicating whether FIDO passkey is enabled in your environment.                  |