Search Results
-
Using PhenixID HTTP API to get OTP based on called-in phone number
The use case behind this API call:
- The end user will retreive one-time-password by calling to a specific phone number (company phone system)
- The company phone system will pick up the phone number of the called-in user
- The company phone system will call out to this api, sending in the phone number of the called-in user
- PhenixID MFA server will search for the user (based on the received phone number)
- If the user is found, an OTP will be generated and bound to the userID
- The PhenixID HTTP API will return the OTP value to the calling API client (the company phone system)
- The company phone system will automatically echo the one-time-password to the end user.
- API function end
After the api call:
- The end user will enter username, password and OTP (the service protected may vary) and click Login
- Username, password and OTP will be sent to PhenixID MFA server
- PhenixID MFA server will validate the password (against the user directory) and the OTP
- If validation is ok, user will be logged in.
NB! This scenario can also be used for username+OTP based logins.