This guide scenario will create an authenticator that uses PhenixID OneTouch to authenticate a user. Make sure you have completed the guide scenario "System -- OneTouch" prior to attempting this scenario.

Name and Description

Input the name and description of your authenticator scenario


Here you enter an alias for your authenticator, which is a more user friendly version of the authenticator's ID (which is a random, auto generated UUID string). 

User store - optional

OneTouch has already performed a connection between a user store and the OneTouch issuer during the enrollment phase, so you do not need to connect this authenticator to a user store for the authenticator to execute. You may however want to configure it to make sure that this authenticator only works with the specific search filter you impose, or you may want to use additional attributes in the pipe flow. 

Here you configure which user store the authentication should be performed against. You may select an existing user store, or configure a new one. For instructions on configuring a new one, see the guide scenario for "Connections - LDAP" or "Connections - JDBC".

Search settings -- only relevant if connected to user store

Depending on whether your connection is LDAP or JDBC, your next step will look different. For LDAP, you enter your search filter such that the username that the user will enter on the web correlates with your userid-attribute in the directory. You also select the search base for the users by clicking "choose" and selecting the correct category for your users.

For JDBC you simply adjust the SQL query so that it will select the correct user. {{request.username}} will resolve to the user id that OneTouch successfully authenticated.

The result

Upon finishing the guide scenario, you will be met with an edit page where you can adjust additional settings. You can also see the "execution flow" tab where you can adjust the pipes and valves created in the scenario.