Used when authenticating using  username, password & One Touch.


Name Description Default value Mandatory
pipeID The id of the pipe validating username & passwor N/A Yes
loginTemplate Name of the template file presenting the enduser UI entering credentials login.template No
userNameParamName Parameter containing the username username No
passworParamterName Parameter containing the password password No
serviceName Name of the service shown in the One touch assignment PhenixID No
notify Should push be used. Note that push must be enabled on server level in orde for this to work true No
pollingTemplate Template used when polling for status of the pending One Touch authentication onetouchpoll.template No
clientTemplate Template rendering the assignment sent to One Touch client ot_auth_template No
ot_push_message Message shown on the client when using push login.assignment.client.message.ot_push_message No

Example Configuration

    "alias": "OIDCUidPasswordOneTouch",
    "name": "OIDCUidPasswordOneTouch",
    "configuration": {
        "pipeID": "authPipe"

To use consent, two parts needs to be configured. The authenticator in use and the authentication pipe.

Two consent parameters must be configured on the authenticator.

Secondly an additional valve, OIDCConsentDataValve, must be configured with the data the user will be asked to approve being sent. The format and available rules of the consent data can be found on the documentation page for the OIDCConsentDataValve.


One Touch enabled on the system and at least one active profile on the user trying to authenticate.

When using consent, a session must be available and the OIDCConsentDataValve must be placed before the SessionPersistValve  in the pipe.

The data must be fetched prior to OIDCConsentDataValve with for example LDAPSearchValve.