The MFA Integration Kit includes the SDK CIBA Authenticator, which works with 's CIBA feature.
Note:

For instructions on configuring the CIBA Authenticator for the MFA Integration Kit, see Configuring a CIBA authenticator instance.

  1. Click OAuth Server > Authenticators to open the CIBA Authenticators screen.
  2. On the CIBA Authenticators screen, click Create New Instance to start the Create CIBA Authenticator Instance configuration wizard.
  3. On the Type screen, configure the basics of this authenticator instance.
    1. Enter a name and an ID in the Instance Name and Instance ID fields.
    2. Select a CIBA authenticator from the Type list.
      Selections vary depending on the deployed CIBA authenticators.

      You may use the PingFederate SDK to implement a custom solution. For more information, refer to the Javadoc for the OOBAuthPlugin interface, the SampleEmailAuthPlugin.java file for a sample implementation, and the SDK developer's guide for build and deployment information.

      Tip:

      The Javadoc for PingFederate and the sample implementation are located under the <pf_install>/pingfederate/sdk directory.

  4. On the Instance Configuration screen, follow the on-screen instructions to configure the authenticator instance.
    Configuration requirements vary depending on the authenticator implementation.
  5. On the Actions screen, follow the on-screen instructions to test the validity of the authenticator instance configuration or to perform secondary configuration tasks.
    Availability of this screen and actions vary depending on the authenticator implementation.
  6. On the Extended Contracts screen, follow the on-screen instructions to define additional attributes.
    The authenticator contract is the list of input parameters used to challenge the user for authentication. Some authenticators support extending the contract for additional functionality, such as formatting the data presented to the user during the authentication challenge.

    Availability of this screen and supported attribute names vary depending on the authenticator implementation.

  7. On the Summary screen, review your configuration, modify as needed, and click Done to exit the Create CIBA Authenticator Instance workflow.
  8. On the CIBA Authenticators screen, click Save to retain the configuration of the authenticator instance.
    If you want to exit without saving the configuration, click Cancel.