SAMLAnonymousAssignmentAuthenticator

Authenticate users with a QR-code or on the same device using PhenixID One Touch.

Properties

Name Description Default value Mandatory
cancelURL The URL to redirect the browser to, after authentication has been cancelled. If not specified, the browser restarts the authenticator. No
pipeID The pipe to be executed after confirming the assignment. Empty for skipping this step. No
idpID Id of the pipe used to issue the SAML assertion Yes
issuer The issuer of the One Touch certificate. Yes
login_template_name Login form template (html). anonymousassignment.template No
assignment_template_name Assignment template shown in the One Touch App. ot_anonymous_auth_template.json No
poll_intervall Number of milliseconds to wait between each poll for confirmed assignment. 1000 No
max_polls Max number of polls for confirmed assignment to perform before timing out. 60 No
autostart Autostarts the one touch client on the same device. true No
allowLanguageChange Enable or disable the option to choose language. No
samlAuthMethod What value is set in the AuthnContextClassRef. urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient No
title_translation_key The key of the title displayed on the webpage login.anonymousassignment.title No
scanqr_translation_key The key of the scan qr text displayed on the webpage login.anonymousassignment.scanqr No
confirm_translation_key The key of the confirm text displayed on the webpage login.anonymousassignment.confirm No
rejected_translation_key The key of the rejected text displayed on the webpage login.anonymousassignment.rejected No
timeout_translation_key The key of the timeout text displayed on the webpage login.anonymousassignment.timeout No
error_translation_key The key of the error text displayed on the webpage login.anonymousassignment.error No
cancelled_translation_key The key of the cancerlled text displayed on the webpage login.anonymousassignment.cancelled No
open_onetouch_translation_key The translation key for opening one touch on the same device login.anonymousassignment.open_onetouch No
onetouch_on_other_device_translation_key The translation key for using one touch onm other device. login.anonymousassignment.onetouch_on_other_device No
cancel_translation_key The translation key for the cancel button. common.messages.btn.cancel No
ok_translation_key The translation key for the modal ok button. btn.messages.okay No
sendSAMLResponseOnError Whether or not a SAMLResponse containing an error response should be sent back to the SP upon an internal authentication error. false No
strictValidation Whether or not additional validation checks should be made on the SAMLRequest. false No
resolveSAMLRequestProperties Whether or not request properties from the SAML AuthnRequest should be resolved before proceeding with the authentication. Typically used at the start of an authentication flow. false No

Example Configuration

{
    "alias" : "ot",
    "id" : "myauthenticator",
    "name" : "SAMLAnonymousAssignmentAuthenticator",
    "configuration" : {
         "cancelURL" : "https://www.google.se",
         "pipeID" : "mypipe",
         "idpID" : "myidp",
         "issuer" : "Company ab",
         "allowLanguageChange" : "true",
         "max_polls" : "100",
         "poll_interval" : "2000"
         }
}

Requirements

  • One Touch backend configured.
  • One Touch activated by the authenticating user. 
  • resolveSAMLRequestProperties set to "true" at either this authenticator or one prior in the flow (e.g. a Dispatch or SAMLDataSave)