Hi All,
I am working on creating common extension framework for IS authenticators.
In extension common framework, I am planing to add the following features
which can be reused in authenticators.
- Federated authenticator support - Currently, two-factor authenticator
supports basic authenticator in the first step and federated authentication
in first factor supports only in TOTP authenticator. I am planing to add
this federated authenticator support in common framework so we can reuse in
all two factor authenticators.
- Account Lock/Unlock - Currently, we don't have any limit for applying
the code in two factor authenticator authentication. I am planing to add
Lock a user account functionality [1] when configurable number of applying
code attempts are exceeded in second step of authentication.
- Alternative authentication steps
Backup Phone no - Add backup phone so user can still sign in
if user lose phone and add alternative step as backup phone no.
Backup codes - These printable one-off pass codes allow you
to sign in when away from your phone, like when you’re traveling.
Currently We have similar
functionality in SMS OTP authenticator,We will move to IS authenticator
common framework which can be used in other authenticators.
- HOTP and TOTP algorithm based code generation - We can reuse OTP code
generation in SMS [2] and Email OTP [3], TOTP [4] authenticators.
Please let me know if you have any concerns.
[1] - https://docs.wso2.com/display/IS520/User+Account+Locking+and
+Account+Disabling
[2] - https://docs.wso2.com/display/ISCONNECTORS/Configuring+SMSOT
P+Authenticator
[3] - https://docs.wso2.com/display/ISCONNECTORS/Configuring+Email
OTP+Authenticator
[4] - https://docs.wso2.com/display/ISCONNECTORS/
Configuring+TOTP+Authenticator
Thanks,
Kathees
--
Kathees
Software Engineer,
email: [email protected]
mobile: +94772596173
_______________________________________________
Architecture mailing list
[email protected]
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
