One Touch

The One Touch guide configures the PhenixID server backend components enabling the use of the One Touch client. When configured, the One Touch extensions in MFA Admin and Self Service will be enabled.

Start guide

Start the guide by clicking the '+' sign on the One Touch menu item.

Guide steps

You navigate the guide using the previous and next buttons at the bottom of the page. You can also choose to cancel the guide at any time (information entered will be lost).

Guide steps

Issuer

Issuer is a logical name used for naming profiles the One Touch application.

External URL

External URL is a prefix used for building callback URLs for use by the One Touch client to enroll and to fetch assignments.
The prefix may be the actual endpoint of PhenixID server, but can also be a logical endpoint redirected to the actual server by a firewall or a reverse proxy.
Using a firewall or reverse proxy for the traffic is strongly recommended.

Choose the URL with care since this value can not be changed for activated clients.
External URL for One Touch is used both for activation and for normal operations

The URL needs to be accessible from the devices using One Touch, SSL should be used.
Example:
https://ot.company.org

Push notifications

Enable support for sending push notifications to mobile devices. Used for notifying users of pending assignments.

Finish

Guide is completed, click Create create the One Touch configuration. Server will immediately activate the One Touch backend components.

Finish

Guide edit

Edit the guide by clicking on Configuration below the One Touch menu item

When editing a guide configuration you click save to save your changes. Save applies to all tabs. Server will immediately reload to reflect your changes.

If you click delete the configuration will be deleted. Please note that other configurations using One Touch will break if you delete your configuration.

General

General settings. Please note that Issuer and External URL settings will not affect already enrolled/activated clients.

For more information about External URL, see Server External URL.

Push messaging

Enable support for sending push notifications to mobile devices. Used for notifying users of pending assignments.

Advanced

Choose from the dropa down what HTTP port/connection listening for One Touch communication. If using SSL/TLS the server certificate must be trusted by the One Touch client.

Action

Actions are shown within the One Touch profiles. Consider them as links.  An action have a name, description, location,& icon.

Adding an action will have direct result on enrolled clients.  Actions may have the a property set requiring the user to identify themselves when trying to access the action. This will result in One Touch adding a signed JWT token to the parameters in the URL (location). 

Then intended usage is achieving SSO behaviour.