Hi Tharindu Edirisinghe,

Thank you for quick response currently I am using WSO2 IS 5.3.0 since I am familiar with it but I will be using latest version later on.


I am ready to write custom authenticator but one more problem I can use login pages for both first and second steps, Is there any REST APIs exist to authenticate users?

Thanks,

Shiva


On Thursday 17 May 2018 06:29 PM, Tharindu Edirisinghe wrote:
Hi Shiva,

No, it's not possible to use TOTP authenticator as the 1st step. The reason is, in the authenticator, it checks some user claims (like if TOTP is enabled for the user) for the already authenticated user (see code [1]). It assumes it is not the 1st step.

However, if you need to use this as the 1st (or the only) step in the authentication flow, then you can write your own custom authenticator to achieve the requirement. If you require more information on this, let us know the Identity Server version you are trying out, so we can point you to the relevant references.

[1] https://github.com/wso2-extensions/identity-outbound-auth-totp/blob/master/component/authenticator/src/main/java/org/wso2/carbon/identity/application/authenticator/totp/TOTPAuthenticator.java#L153

Regards,
Tharindu Edirisinghe

On Thu, May 17, 2018 at 6:15 PM Shiva Kumar K R <shiv...@securelyshare.com <mailto:shiv...@securelyshare.com>> wrote:

    Hi All,
    I want to generate access token using otp authentication as first
    step. I have successfully configured totp authentication for
    second step of multi factor authentication. Is it possible to use
    it in first step by sending email in request parameter to totp
    endpoint.

    Thanks,
    Shiva
    _______________________________________________
    Dev mailing list
    Dev@wso2.org <mailto:Dev@wso2.org>
    http://wso2.org/cgi-bin/mailman/listinfo/dev



--

Tharindu Edirisinghe
Associate Technical Lead | WSO2 Inc
Platform SecurityTeam
Blog : http://tharindue.blogspot.com
mobile : +94 775181586


_______________________________________________
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Reply via email to