Hi Shiva,

Along with the custom authenticator, you can introduce your own JSP files
for each step. That would be the best way for implementing the required
feature, because then you can manage the authentication flow by configuring
the steps via UI, easily.

An alternative is using SCIM [1]; however, when it comes to authentication, you
may invoke the /scim/Me endpoint with user credentials, which is a
workaround... there, the user needs to have the required permission for
invoking the API. If the user is authenticated, it'll give 200 OK, and if the
authentication fails, it'll give a 401 error. If the user is authenticated
but does not have the required permission to invoke the API, it'll give a 500
error.

[1] https://docs.wso2.com/display/IS550/SCIM+2.0+REST+APIs

Regards,
TharinduE

On Thu, May 17, 2018 at 7:14 PM Shiva Kumar <[email protected]>
wrote:

> Hi Tharindu Edirisinghe,
>
> Thank you for the quick response. Currently I am using WSO2 IS 5.3.0 since I
> am familiar with it, but I will be using the latest version later on.
>
> I am ready to write a custom authenticator, but one more problem: I can use
> login pages for both first and second steps. Are there any REST APIs
> to authenticate users?
>
> Thanks,
>
> Shiva
>
> On Thursday 17 May 2018 06:29 PM, Tharindu Edirisinghe wrote:
>
> Hi Shiva,
>
> No, it's not possible to use TOTP authenticator as the 1st step. The
> reason is, in the authenticator, it checks some user claims (like if TOTP
> is enabled for the user) for the already authenticated user (see code [1]).
> It assumes it is not the 1st step.
>
> However, if you need to use this as the 1st (or the only) step in the
> authentication flow, then you can write your own custom authenticator to
> achieve the requirement. If you require more information on this, let us
> know the Identity Server version you are trying out, so we can point you to
> the relevant references.
>
> [1]
> https://github.com/wso2-extensions/identity-outbound-auth-totp/blob/master/component/authenticator/src/main/java/org/wso2/carbon/identity/application/authenticator/totp/TOTPAuthenticator.java#L153
>
> Regards,
> Tharindu Edirisinghe
>
> On Thu, May 17, 2018 at 6:15 PM Shiva Kumar K R <[email protected]>
> wrote:
>
>> Hi All,
>> I want to generate an access token using OTP authentication as the first
>> step. I have successfully configured TOTP authentication for the second step
>> of multi-factor authentication. Is it possible to use it in the first step by
>> sending the email in a request parameter to the TOTP endpoint?
>>
>> Thanks,
>> Shiva
>> _______________________________________________
>> Dev mailing list
>> [email protected]
>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>
>
>
> --
>
> Tharindu Edirisinghe
> Associate Technical Lead | WSO2 Inc
> Platform Security Team
> Blog : http://tharindue.blogspot.com
> mobile : +94 775181586
>
>
>

-- 

Tharindu Edirisinghe
Associate Technical Lead | WSO2 Inc
Platform Security Team
Blog : http://tharindue.blogspot.com
mobile : +94 775181586
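
The status-code behaviour of the /scim/Me workaround described in the top message, as an added example that is not part of the original e-mails or of WSO2's code. It assumes the credentials are sent with HTTP Basic authentication; the stub server, its users and the function names are constructed for the demonstration.

```python
import base64
import http.client
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib.parse import urlsplit

# Status meanings as stated in the message above; anything else is an error.
OUTCOMES = {200: "authenticated", 401: "bad_credentials", 500: "no_permission"}

def check_credentials(base_url, username, password, timeout=5):
    """GET <base_url>/scim/Me with HTTP Basic auth (assumed) and classify it."""
    url = urlsplit(base_url)
    https = url.scheme == "https"
    conn_cls = http.client.HTTPSConnection if https else http.client.HTTPConnection
    conn = conn_cls(url.hostname, url.port, timeout=timeout)
    token = base64.b64encode(f"{username}:{password}".encode()).decode()
    try:
        conn.request("GET", url.path.rstrip("/") + "/scim/Me",
                     headers={"Authorization": "Basic " + token})
        status = conn.getresponse().status
    finally:
        conn.close()
    return OUTCOMES.get(status, "error")  # fail closed on unlisted statuses

# Constructed stand-in server and users (not WSO2 IS): name -> (password, permitted)
USERS = {"alice": ("alice-pw", True), "bob": ("bob-pw", False)}

class StubMe(BaseHTTPRequestHandler):
    def do_GET(self):
        raw = self.headers.get("Authorization", "").partition(" ")[2]
        user, _, pw = base64.b64decode(raw).decode().partition(":")
        entry = USERS.get(user)
        ok = entry is not None and entry[0] == pw
        code = 401 if not ok else (200 if entry[1] else 500)
        self.send_response(code)
        self.send_header("Content-Length", "0")
        self.end_headers()

    log_message = lambda self, *args: None  # keep the demo quiet

def demo(attempts):
    server = HTTPServer(("127.0.0.1", 0), StubMe)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    try:
        base = f"http://127.0.0.1:{server.server_port}"
        return [check_credentials(base, u, p) for u, p in attempts]
    finally:
        server.shutdown()
        server.server_close()
```

A caller that only needs to know whether the password was correct has to treat the 500 case separately from both success and failure, since it means the credentials were valid but the user lacks permission on the API.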