Input the name and description of your authenticator scenario

Here you enter an alias for your authenticator, which is a more user friendly version of the authenticator's ID (which is a random, auto generated UUID string). 

OneTouch has already performed a connection between a user store and the OneTouch issuer during the enrollment phase, so you do not need to connect this authenticator to a user store for the authenticator to execute. You may however want to configure it to make sure that this authenticator only works with the specific search filter you impose, or you may want to use additional attributes in the pipe flow. 

Here you configure which user store the authentication should be performed against. You may select an existing user store, or configure a new one. For instructions on configuring a new one, see the guide scenario for "Connections - LDAP" or "Connections - JDBC".

Depending on whether your connection is LDAP or JDBC, your next step will look different. For LDAP, you enter your search filter such that the username that the user will enter on the web correlates with your userid-attribute in the directory. You also select the search base for the users by clicking "choose" and selecting the correct category for your users.

For JDBC you simply adjust the SQL query so that it will select the correct user. {{request.username}} will resolve to the user id that OneTouch successfully authenticated.

Upon finishing the guide scenario, you will be met with an edit page where you can adjust additional settings. You can also see the "execution flow" tab where you can adjust the pipes and valves created in the scenario.