Page created: 26 Mar 2021
|
Page updated: 8 Feb 2022
The One-Time Passcode Integration Kit generates passcodes that the user must enter to complete the authentication flow.
Passcode storage
PingFederate does not store one-time passcodes at any time. Instead, passcodes are generated based on several components that are stored in memory, including a nonce value, a transaction id, and "secret" value associated with the adapter instance.
Passcode duration
Passcodes are associated with a particular PingFederate session. Although the passcodes themselves do not expire, they can only be used once and only for the associated session and authentication flow. When the authentication flow ends, the passcode is no longer valid.