Use other OATH compliant app than Pocket Pass
This document describes how to use a different OATH compliant app than Pocket Pass with PhenixID Server
The webapps Self Service and / or MFA Admin are used for token enrollment.
The Self Service and MFA Admin web apps has to be configured without the "Online Key Provisioning" option in order to support other OATH compliant apps.
The enrollment process will be the same for users with and users without Pocket Pass.
Considerations when using other apps than Pocket Pass
Although PhenixID do support other OATH compliant apps than Pocket Pass, there are a few gotchas that needs to be considered. These are features that only will be supported when using Pocket Pass
- The Pocket Pass profile can be branded with a customer look and feel
- Pin code settings can be forced and managed from the back end
- Make sure the token only is used on one device. If multiple devices are needed, multiple enrollments have to be done
Example of OATH Compliant apps
- Google Authenticator
- Microsoft Authenticator
- + many more