Use this activity to include phone-based authentication in a self-service workflow. If your license includes phone-based authentication service, you will be able to configure and use this activity.
|
IMPORTANT: To enable users to use phone-based authentication, configure the user scope for this feature. For more information, see Telephone Verification feature license. |
If your Password Manager license does not include phone-based authentication service and you want to use this service, please contact One Identity Software Support to obtain the necessary license at https://support.oneidentity.com/.
Before enabling phone-based authentication, make sure that users’ phone numbers stored in Active Directory are in a correct format. The phone number must meet the following requirements:
- The number starts with either 00 or + followed by a country code and subscriber’s number. For example, +1 555-789-1314 or 00 1 5554567890.
- The number can have extensions. For example, the number +1 555 123-45-67 ext 890.
- Digits within the number can be separated by a space, hyphen, comma, period, plus, or minus signs, slash (/), backward slash (\), asterisk (*), hash (#), and a tab character.
- The number can contain the following brackets: parentheses (), curly braces {}, square brackets [], and angle brackets <>. Only one set of brackets is allowed within the number. The opening bracket must be in the first half of the number. For example, the number +15551234(567) will be considered invalid.
The USA numbers may not start with 00 or + sign, if they comply with all other requirements and contain 11 digits. For example, the number 1-555-123-3245 will be considered valid.
This activity has the following settings:
- Authentication method. You can specify whether you want users to receive a call or an SMS with a one-time PIN code by selecting the corresponding option. You can also allow users to choose the authentication method on the Self-Service site by selecting the Allow users to choose between an automated voice call and SMS option.
- Authentication method. You can specify whether you want users to receive a call or an SMS with a one-time PIN code by selecting the corresponding option. You can also allow users to choose the authentication method on the Self-Service site by selecting the Allow users to choose between an automated voice call and SMS option.
- SMS template. Enter the text message that will contain a one-time PIN code and will be sent to users during phone authentication.
- telephoneNumber, homePhone, mobile and other attributes. Select one or several attributes of a user account from which telephone numbers will be used during phone-based authentication. You can also specify other attributes.
You can test the configured settings by clicking the Test settings button and entering the phone number to which a one-time PIN code will be sent.