Hi Team,

I configured two-step authentication with Google federated authentication
and TOTP for a service provider; i.e., the first step is configured to use
Google as the federated IdP, and the second step is TOTP.
Both 'authenticationMandatory' and 'enrolUserInAuthenticationFlow' are set
to true in the TOTP authenticator configuration in the
application-authentication.xml file, such that TOTP is enforced and can
enrol the user during login.

Now, when trying to access the SP, the Google login page popped up, for which
user credentials were provided and authenticated. Then, in the next step,
TOTP proposed to enrol the user by scanning the QR code, which was done. The
federated user logged in successfully.

Now, suppose I want to refresh the secret key of this account or clear it,
such that the user needs to scan the QR code again. This could be done for
a local user, as the secret key was stored under the
'http://wso2.org/claims/identity/secretkey' claim. But for the user
federated over Google, this could not be done. And I'm not sure where we
store the secret key for this account.

Appreciate your input.

Thanks,
Malithi.

-- 

*Malithi Edirisinghe*
Associate Technical Lead
WSO2 Inc.

Mobile : +94 (0) 718176807
[email protected]