Use time-based one-time password (TOTP) display controls to enable multifactor authentication using the TOTP method. End users need to use an authenticator app that generates TOTP codes, such as the Microsoft Authenticator app or any other authenticator app that supports TOTP verification.

To enable TOTP within your custom policy, use the following display controls:

- totpQrCodeControl - Renders the QR code and a deep link. When the user scans the QR code or opens the deep link, the authenticator app opens so the user can complete the enrollment process.
- AuthenticatorAppIconControl - Renders the Microsoft Authenticator app icon with a link to download the app to the user's mobile device.
- AuthenticatorInfoControl - Renders the TOTP introduction.

The following screenshot illustrates the TOTP enrollment page showing the three display controls.

The following XML snippet shows the three display controls:

The display controls are referenced from a self-asserted technical profile. The self-asserted technical profile uses input claims transformations to prepare the required qrCodeContent and secretKey input claims.

The input claims transformations must be called in the following order:

1. The CreateSecret claims transformation, of type CreateOtpSecret. The claims transformation creates a TOTP secret key. This key is later stored in the user's profile in Azure AD B2C, and is shared with the authenticator app. The authenticator app uses the key to generate a TOTP code the user needs to go through MFA. Your custom policy uses the key to validate the TOTP code provided by the user.
2. The CreateIssuer claims transformation, of type CreateStringClaim. The claims transformation creates the TOTP issuer name. The issuer name is your tenant name, such as "Contoso demo".
3. The CreateUriLabel claims transformation, of type FormatStringMultipleClaims.
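To make the roles of the secret key, issuer and URI label concrete, the following added example (not Microsoft's code and not part of the original page) generates a shared key, builds QR code content, and validates a submitted code on the server side. It assumes the conventional `otpauth://` key URI layout and the RFC 6238 defaults (HMAC-SHA1, 6 digits, 30-second step); all function names are hypothetical and only mirror the claims transformations named above.

```python
import base64
import hashlib
import hmac
import secrets
import struct
import time
from urllib.parse import quote, urlencode

# All function names are hypothetical; they mirror the roles of the page's
# claims transformations and are not Azure AD B2C APIs.

def create_secret(num_bytes=20):
    """CreateSecret role: random shared key, base32 text for the authenticator app."""
    return base64.b32encode(secrets.token_bytes(num_bytes)).decode("ascii")

def create_uri_label(issuer, user_id):
    """CreateUriLabel role: '<issuer>:<account>' shown in the authenticator app."""
    return f"{issuer}:{user_id}"

def build_qr_content(secret_key, issuer, user_id):
    """Assumed qrCodeContent: the conventional otpauth:// key URI."""
    label = quote(create_uri_label(issuer, user_id), safe=":")
    query = urlencode({"secret": secret_key, "issuer": issuer}, quote_via=quote)
    return f"otpauth://totp/{label}?{query}"

def totp(secret_key, at, digits=6, step=30):
    """RFC 6238 code for Unix time `at` (HMAC-SHA1 over the time-step counter)."""
    key = base64.b32decode(secret_key, casefold=True)
    digest = hmac.new(key, struct.pack(">Q", int(at) // step), hashlib.sha1).digest()
    offset = digest[-1] & 0x0F  # dynamic truncation, RFC 4226 section 5.3
    value = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def verify(secret_key, submitted, at, window=1, step=30):
    """Server side: accept the current step plus/minus `window` steps of clock drift."""
    ok = False
    for drift in range(-window, window + 1):
        expected = totp(secret_key, at + drift * step, step=step)
        # Constant-time compare with no early exit, so timing reveals nothing.
        ok |= hmac.compare_digest(expected.encode(), submitted.encode())
    return ok

if __name__ == "__main__":
    # Constructed sample values: issuer from the page's example, made-up account.
    secret = create_secret()
    print(build_qr_content(secret, "Contoso demo", "alice@contoso.example"))
    print("code now:", totp(secret, time.time()))
```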