PhenixID DocumentationPhenixID Authentication ServicesVersion 2.8 SolutionsUse of sessionValues parameter on HTTP authenticator

Use of sessionValues parameter on HTTP authenticator

This document is written for PhenixID Server.

This document describes how the parameter 'sessionValues' can be used on authenticators.

The reader should have some basic knowledge about PhenixID Server.

Make sure to have a backup of the files being edited.

Description

The parameter 'sessionValues' can be used on authenticators using two steps for login, to add customized text to second factor template.

This document will show an example of how this can be done, using the authenticator, PostUidPasswordAndOTPSAML.

Templates are located in:
<PhenixIDinstallationdirectory>/mods/com.phenixidentity~auth-http~<version>/templates

Make sure to have a backup of the files being edited.

Configuration

Login to the Configuration portal, click the tab 'Advanced', click on the pencil next to 'Authentication - HTTP' and find the authenticator that should have customized text. Add the parameter 'sessionValues' according to the example below.

{
    "id": "a225e65a-b457-4e18-805b-d073f881b1a7",
    "alias": "samluidpwdotp",
    "name": "PostUidPasswordAndOTPSAML",
    "displayName": "UidPwdOTPSAML",
    "configuration": {
         "loginTemplate": "login.template",
         "allowLanguageChange": "true",
         "userValidationPipeID": "b2cef383-35c6-4703-9f3a-973a7c917bfb",
         "otpValidationPipeID": "e9d1f8b3-7ac7-4846-8167-13ede8d61f46",
         "idpID": "0aa1d17c-12e1-484a-8722-7c75a008b1ba",
         "sessionValues": [
            "mobile",
            "mail"
           ]
     }
}

Click Stage Changes and Commit Changes.

We need to add three valves to the flow:
- SessionLoadValve
- SessionPropertyAddValve
- SessionPersistValve

In the Configuration portal, click the tab 'Scenarios' and locate the scenario used for login.
On the tab 'Execution flow', open up the first pipe, 'Find user, validate password and send otp' and press 'Add valve'.
Add the valve SessionLoadValve accordingly:

Place this valve between OTPGeneratorValve and OTPBySMSValve.
Now add SessionPropertyAddValve and SessionPersistValve to the end of the pipe:

In this example the value for attribute 'mobile' will be picked up in the pipe and be displayed using the configuration in the template, expalined below.

Flow should now look like this:

When the changes has been made, press 'Save'.

We can now use the value 'mobile', in the template. For this example we will use otp.template.

Add the value accordingly:

{{#login.messages.generalerror}}
   <div class="alert alert-danger">
       {{login.messages.generalerror}}
   </div>
{{/login.messages.generalerror}}
{{#error}}
   <div class="alert alert-danger">{{error}}</div>
{{/error}}
OTP delivered to: {{mobile}}
<input class="form-control" type="text" id="inputPassword" name="otp" autocomplete="off" autocorrect="off" autocapitalize="off" spellcheck="false" placeholder="{{login.messages.enterotp}}" required="true">
<input class="form-control securitycode" placeholder="Security code" autocomplete="off" name="securitycode" type="input">

The result should now look similar to this example: